Explore the critical role of The Update Framework (TUF) and Docker Content Trust in securing software packages and container images for Kubernetes deployments. Learn how to implement image signing in your build pipeline and restrict container deployments using Validating/Mutating Admission Webhook Controllers. Gain practical skills to enhance the security of your CI/CD pipeline through this 43-minute talk by Zachary Arnold and Justin Cappos, which demystifies TUF/Notary and provides a hands-on demonstration of implementing robust security measures in cloud-native environments.
Overview
Syllabus
Using Docker Content Trust w/ Kubernetes Admission Controllers to Further Secure your Runtime
Taught by
Docker