Securing Kubernetes Manifests with Sigstore Cosign - Options and Best Practices
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore options for verifying Kubernetes manifests with Sigstore Cosign before cluster application in this informative conference talk. Learn how Sigstore Cosign integrates with Kubernetes to provide secure solutions for signing and verifying container images, resource manifests, configuration files, and other critical components bundled as generic OCI images. Discover the use of GitOps tools like FluxCD and policy engines such as Kyverno and Gatekeeper in combination with Sigstore Cosign to enforce security policies and prevent unwanted cluster changes. Gain valuable insights into software supply chain security, container image workflows, and cluster policies. Suitable for both experienced Kubernetes users and beginners, this talk offers practical knowledge on securing Kubernetes deployments using Sigstore Cosign.
Syllabus
Introduction
What is Software Supply Chain
Container Image Workflow
Cosign
Kubernetes Manifest
Cluster Policy
MChart
Flex
Conclusion
Taught by
Linux Foundation
Tags
Related Courses
Kyverno - Deep Dive - Tech TalksMirantis via YouTube Kubernetes Native Policy Management with Kyverno
Ekoparty Security Conference via YouTube Hands-on Introduction to Sigstore - Securing the Software Supply Chain
Rawkode Academy via YouTube Hands-on with Policy Reporter - Kyverno Visibility Tool
Rawkode Academy via YouTube Introduction to Kyverno - Getting Started with Kubernetes Policy Management
Rawkode Academy via YouTube