Dear Apache Team, I hope this email finds you well.
We are a team from Ernst and Young LLP - India, dedicated to providing innovative supply chain solutions for a diverse range of clients. Our team recently encountered a pivotal use case necessitating the utilization of PySpark for a project aimed at handling substantial volumes of data. As part of our deployment strategy, we are endeavouring to implement a Spark-based application on our Azure Kubernetes service. Regrettably, we have encountered challenges from a security perspective with the latest Apache Spark Docker image, specifically apache/spark-py:latest. Our security team has meticulously conducted an assessment and has generated a comprehensive vulnerability report highlighting areas of concern. Given the non-compliance of the Docker image with our organization's stringent security protocols, we find ourselves unable to proceed with its integration into our applications. We attach the vulnerability report herewith for your perusal. Considering these circumstances, we kindly request your esteemed team to provide any resolutions or guidance that may assist us in mitigating the identified security vulnerabilities. Your prompt attention to this matter would be greatly appreciated, as it is crucial for the successful deployment and operation of our Spark-based application within our infrastructure. Thank you for your attention to this inquiry, and we look forward to your valued support and assistance. Please find attachment for the vulnerability report Best Regards, Tonmoy Sagar | Sr. Consultant | Advisory | Asterisk Ernst & Young LLP C-401, Panchshil Tech Park One, Yerawada, Pune, Maharashtra 411006, India Mobile: +91 8724918230 | tonmoy.sa...@in.ey.com<mailto:tonmoy.sa...@in.ey.com> Thrive in the Transformative Age with the better-connected consultants - ey.com/consulting<http://ey.com/consulting> The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. The firm is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
spark_vulnerability_report.xlsx
Description: spark_vulnerability_report.xlsx
--------------------------------------------------------------------- To unsubscribe e-mail: user-unsubscr...@spark.apache.org
