Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Protect the Pipe - A Policy-based Approach for Securing CI/CD Pipelines

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore a cloud-native security framework for Tekton pipelines using in-toto, Kyverno, and sigstore in this conference talk. Learn about the unique security challenges faced by CI/CD pipelines and discover how to implement policy-based controls for pipeline composition, configurations, and execution. Gain insights into protecting critical assets in modern applications that are composed of numerous packages and delivered through automated CI/CD pipelines. Watch as the speakers demonstrate the use of open-source tools to attest and verify each pipeline resource and execution step using declarative policies, addressing the growing risks of attacks, vulnerabilities, and misconfigurations in rapid delivery environments.

Syllabus

Protect the Pipe! A Policy-based Approach for Securing CI/CD Pipe... Shripad Nadgowda & Jim Bugwadia

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Protect the Pipe - A Policy-based Approach for Securing CI/CD Pipelines

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.