Today, the Helm Maintainers are proud to announce that we have successfully completed a 3rd party security audit for Helm 3. Helm has been recommended for public deployment.

Helm, the package manager for Kubernetes, just completed its first security audit. This is one of the benefits of being a CNCF project.

As with every security audit I’ve been involved with, I learned something new. I was also reminded of some things I’ve forgotten. Reading the results of the security audit were a benefit to me, personally. They helped with my growth.

While many security audits are kept private within organizations, audits by organizations like the CNCF are made publicly available.

Cure53 performed the Helm security audit, has performed audits for other CNCF projects, and has performed audits for others. When they can, the audits are made publicly available. If you enjoy reading white papers or long articles to learn something, these papers are a great place to start.