Explore a comprehensive conference talk on enhancing software supply chain security in GitOps using CNCF projects like Kyverno, Notary, and ORAS. Learn how to establish trust for container images and verify resources at scale in modern Kubernetes deployments. Discover the importance of distributing detached signatures and signed SBOMs for container images, and understand how the OCI v1.1 Spec's referrers API facilitates the association of supply chain artifacts with container images. Gain insights into implementing these tools to improve security checks pre-deployment and manage applications across multiple clusters and environments. Watch as Shuting Zhao and Feynman Zhou demonstrate practical techniques for verifying image integrity, security, and compliance in large-scale Kubernetes deployments.
Kicking Security Chain Attacks to the Curb with Kyverno and Notary in GitOps
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Kicking Security Chain Attacks to the Curb with Kyverno and Notary... - Shuting Zhao & Feynman Zhou
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Secure Container Supply Chain in Kubernetes the Easy Way
-
Securing Container Supply Chain in CI/CD with Notary Project, ORAS and Harbor
-
Sign, Attest, and Verify - A Practical Guide for Software Supply Chain Security
-
Securing GitOps Supply Chain with Sigstore and Kyverno
-
Enforceable Supply Chain Security Policy with OPA Gatekeeper and Ratify
-
Improve Vulnerability Management with OCI Artifacts - It Is That Easy
