Explore a comprehensive DevSecOps implementation strategy in this 29-minute conference talk from DevConf.CZ 2024. Learn how to leverage Stackrox, Tekton, and other open-source security tools like Sigstore to build robust production pipelines. Discover techniques for eliminating security risks in CI/CD processes, securing the software supply chain through continuous scanning and runtime protection, and shifting security left to detect and remediate vulnerabilities early. Gain insights into providing automated guardrails for developers by integrating Stackrox with DevOps and security tools such as Sigstore and Quay. Presented by Roberto Carratalá and Philipp Bergsmann, this session offers practical guidance for constructing secure and efficient DevSecOps workflows in production environments.
Implementing DevSecOps in Production with Stackrox and Tekton
Overview
Syllabus
Implementing DevSecOps in Production with Stackrox and Tekton - DevConf.CZ 2024
Taught by
DevConf
Related Courses
-
Implementing and Managing GitHub for DevSecOps
-
DevSecOps : Master Securing CI/CD | DevOps Pipeline(2023)
-
DevSecOps Transformation at Speed and Scale Using Tekton
-
Road to SLSA3 - Non-falsifiable Provenance in Tekton with SPIFFE/SPIRE
-
The DevSecOps Builder's Guide to the CI/CD Pipeline
-
Policy Compliance with Sigstore - From Signing Software to Validating the Whole Software Supply Chain
