Securing GitOps Supply Chain with Sigstore and Kyverno
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore how to secure the GitOps supply chain by signing and verifying container images within Argo Workflows pipelines using the open-source projects Sigstore and Kyverno. Learn to eliminate security risks in the software supply chain by signing all container images in public or private registries and ensuring that no malicious images are deployed in Kubernetes clusters. This 26-minute conference talk, presented by Roberto Carratala and Faz Sadeghi from Red Hat, demonstrates practical techniques to enhance the security of your GitOps workflows and protect your Kubernetes environments from potential threats.
Syllabus
Securing GitOps Supply Chain with Sigstore and Kyverno - Roberto Carratala & Faz Sadeghi, Red Hat
Taught by
CNCF [Cloud Native Computing Foundation]