Sometimes we get emails to security@ that are not appropriate for that venue: questions about how to harden kubenetes, public vulns, &c. It would make life easier for us and better experience for the requestor if we could close those out quickly and affirmatively. Let's create a comms template for that situation.
It can probably start from the language in the email auto-reply:
If this report is neither a vulnerability report nor a security incident, this is probably not the right list. Consider one of these public options instead:
- kubernetes-security-discuss@googlegroups.com
- open an issue: http://issues.k8s.io/new/choose
- #kubernetes-security slack channel: http://slack.k8s.io/
Sometimes we get emails to security@ that are not appropriate for that venue: questions about how to harden kubenetes, public vulns, &c. It would make life easier for us and better experience for the requestor if we could close those out quickly and affirmatively. Let's create a comms template for that situation.
It can probably start from the language in the email auto-reply: