Community post by Annalisa Gennaro, SparkFabrik

What is TAG Security

The CNCF Security Technical Advisory Group (TAG-Security)  facilitates collaboration to discover and produce resources that enable secure access, policy control, and safety for operators, administrators, developers, and end-users across the cloud native ecosystem.

According to its vision, there is a future where operators, administrators and developers feel confident creating new cloud native applications. They use cloud technologies with clear understanding of risks and the ability to validate that their security policy decisions are reflected in deployed software.

TAG-Security envisions a secure by default ecosystem of tools that can simplifies the experience of cloud native operators, administrators and developers, including system security, and common vocabulary, open source libraries and protocols. 

Why a white paper dedicated to Security?

To answer this question, we must broaden our gaze to a wider context. The technology industry has shifted towards patterns of development and deployment that are seen as “cloud native.” Simultaneously, the ecosystem of technologies, products, standards, and solutions is expanding, challenging decision makers to remain abreast of complex designs. The CISO role, in particular, has the evolving responsibility of illuminating business value propositions in this dynamic arena. Meanwhile, cloud native patterns have also encouraged changes in consumption and adoption of modern workflows that encourage integrated security practices.

This white paper aims to outline everything in the most vendor-neutral and vendor-agnostic way possible, to support cloud native teams and decision makers both.

Why an Italian translation?

Because documentation is fundamental, and having it in different languages allows for breaking down any barriers to entry for those who are not confident in English. It also facilitates and enables the widening of the onboarding of new people approaching for the first time our community and the knowledge it aims to spread: CNCF mission is to make the Cloud Native ubiquitous.

The TAG itself refers in its work to the Glossary, a project of the Business Value Subcommittee (#marketing-business-value on the CNCF Slack), which is in the process of being developed and which is proposed as a living and constantly updated resource, super partes and vendor agnostic, within a Cloud Native Learning Journey that is currently being defined.

We all hope that the efforts made can be of any help to all kinds of organizations that have been approaching cloud-native development.


Translators: Paolo Mainardi (SparkFabrik, TAG Security), Daniele Monti (SparkFabrik), Andrea Panisson (SparkFabrik), Giuseppe Arancio (SparkFabrik), Filippo Merante Caparrotta (SparkFabrik), Marcello Testi (Cartografos), Annalisa Gennaro (SparkFabrik, Glossary, Cartografos, KCD, Ambassador)


Luca Bandini (SIGHUP), Matteo Bisi (SIGHUP), Edoardo Vacchieri (SIGHUP), Marco De Benedictis (ControlPlane)

A huge thank you to Andrés Vega, TAG Security, for his immense help throughout this journey!!