Protect the Pipe - A Policy-based Approach for Securing CI/CD Pipelines
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore a cloud-native security framework for Tekton pipelines using in-toto, Kyverno, and sigstore in this conference talk. Learn about the unique security challenges faced by CI/CD pipelines and discover how to implement policy-based controls for pipeline composition, configurations, and execution. Gain insights into protecting critical assets in modern applications that are composed of numerous packages and delivered through automated CI/CD pipelines. Watch as the speakers demonstrate the use of open-source tools to attest and verify each pipeline resource and execution step using declarative policies, addressing the growing risks of attacks, vulnerabilities, and misconfigurations in rapid delivery environments.
Syllabus
Protect the Pipe! A Policy-based Approach for Securing CI/CD Pipe... Shripad Nadgowda & Jim Bugwadia
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Attesting Practically: Exploring the Glue Behind Secure Runtime EnvironmentsLinux Foundation via YouTube Automate Production-Ready Cluster Using Crossplane Compositions and Kyverno
CNCF [Cloud Native Computing Foundation] via YouTube Automation-as-Policy for Platform Teams Using Kyverno
CNCF [Cloud Native Computing Foundation] via YouTube Avoiding IAC Potholes with Policy and Cloud Controllers
CNCF [Cloud Native Computing Foundation] via YouTube Deploying Pod Security Policies Using Kyverno - A New Approach
CNCF [Cloud Native Computing Foundation] via YouTube