The cloud-focused program will pay out $10,000 as its top reward.
A public bug-bounty program for the Kubernetes container technology framework has just launched, backed by Google, HackerOne and the Cloud Native Computing Foundation (CNCF).
The Kubernetes container-orchestration system was originally built by Google for automating application deployment, scaling and management in the cloud. The culmination of 15 years of development experience, Google open-sourced the Kubernetes project in 2014. It is now maintained by the CNCF, whose community of volunteers will manage vulnerability processing and resolutions related to the bug-bounty program.
Bounties will range from $100 to $10,000. The program’s scope covers code from the main Kubernetes organizations on GitHub (Kubernetes has more than 100 certified distributions), as well as “continuous integration, release and documentation artifacts,” according to a Kubernetes security team post
For More Details : https://threatpost.com/bounty-program-kubernetes-container/151824/