Overview
Explore two popular open-source projects, Cosign and Kyverno, for securing containers in production environments in this 20-minute DevSecCon talk. Learn how these tools complement each other to mitigate security risks associated with unsigned container images in cloud-native applications. Discover basic use cases essential for hardening production clusters, making this presentation valuable for SecOps teams new to container image security and traditional build systems looking to adopt modern tools. Gain insights from speakers Anusha Hegde, a Technical Product Manager at Nirmata with expertise in cluster management and container image signing, and Dolis Sharma, a Certified Kubernetes Administrator and Customer Success Engineer at Nirmata who manages production Kubernetes clusters.
Syllabus
Secure Kubernetes manifests with Cosgin and Kyverno - Dolis Sharma & Anusha Hedge
Taught by
DevSecCon