Envoy is hosted by the Cloud Native Computing Foundation (CNCF). If you are a
company that wants to help shape the evolution of technologies that are container-packaged,
dynamically-scheduled and microservices-oriented, consider joining the CNCF. For details about who’s
involved and how Envoy plays a role, read the CNCF
A third party security audit was performed by Cure53, you can see the full report here.
Reporting security vulnerabilities
If you’ve found a vulnerability or a potential vulnerability in Envoy please let us know at
envoy-security. We’ll send a confirmation
email to acknowledge your report, and we’ll send an additional email when we’ve identified the issue
positively or negatively.
For further details please see our complete security release process.