Let Devs Be Devs Without Sacrificing Security

Explore how to balance developer freedom with security requirements in this 18-minute conference talk by Andrew McNamara from Red Hat. Learn about creating flexible and adaptive pipelines that accommodate both proof-of-concept and production-quality code without compromising security. Discover how combining Tekton, Tekton Chains, and Enterprise Contract within a production CI environment can build a secure, flexible framework for software development. Understand the benefits of using SLSA provenance and policy enforcement to create risk-based policies that prevent unacceptable software from entering systems while allowing developers to innovate. Find out how to use the same pipeline for both development and production environments by implementing appropriate policies for each scenario.

Let Devs Be Devs Without Sacrificing Security - Andrew McNamara, Red Hat