If you discover a security vulnerability in this repository, please report it responsibly.

• Vulnerabilities in any code examples
• Exposed secrets or credentials in documentation
• Security misconfigurations in lab exercises
• Links to malicious or compromised resources

1. Do NOT open a public GitHub issue for security vulnerabilities
2. Open a private security advisory on GitHub, or
3. Contact the maintainers directly

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if any)

When using the lab exercises in this repository, follow these security practices:

# Always use resource limits
resources:
  limits:
    cpu: "500m"
    memory: "128Mi"
  requests:
    cpu: "100m"
    memory: "64Mi"

• Never commit real secrets to the repository
• Use placeholder values in examples
• Reference external secret management solutions

Always implement network policies in practice environments:

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
spec:
  podSelector: {}
  policyTypes:
  - Ingress
  - Egress

Follow the principle of least privilege:

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: pod-reader
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "list"]

• Never share actual exam questions
• Do not post screenshots from exams
• Focus on concepts, not specific exam content

• Only link to trusted, official sources
• Verify links are not compromised
• Report any suspicious links immediately

We follow responsible disclosure practices:

1. Acknowledgment - We will acknowledge receipt within 48 hours
2. Assessment - We will assess and prioritize the issue
3. Resolution - We will work on a fix
4. Credit - We will credit reporters (unless anonymity is preferred)

For security concerns, please contact the maintainers through GitHub.

Thank you for helping keep this learning resource safe!