Explore how to enhance Kubernetes cluster security and compliance using Gatekeeper and Ratify in this informative conference talk. Learn to implement advanced supply chain policies by leveraging Gatekeeper's admission controller capabilities and Ratify's artifact verification features. Discover techniques for intercepting and validating Kubernetes API server requests, enforcing CRD-based policies, and incorporating external data for comprehensive security measures. Gain insights into verifying image signatures, analyzing SBOMs for vulnerabilities, and developing custom verifiers to meet evolving policy requirements. Master the integration of Gatekeeper, Ratify, and OCI registries to create robust supply chain security policies for your Kubernetes clusters, ensuring compliance with corporate and regulatory standards.
Building Supply Chain Policies with Gatekeeper and Ratify
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Checking the Chains at the Gate: Building Supply Chain Policies with Gatekeeper & Ratify - J Rickard
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Enforceable Supply Chain Security Policy with OPA Gatekeeper and Ratify
-
Enforceable Supply Chain Security Policy with OPA Gatekeeper and Ratify
-
Securing the Container Supply Chain with Notary, TUF, and Gatekeeper
-
Securing Kubernetes Manifests with Sigstore Cosign - Options and Best Practices
-
Sign, Attest, and Verify - A Practical Guide for Software Supply Chain Security
-
Secure Container Supply Chain with Notation, ORAS, and Ratify
