Securing the Deploy Pipeline
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore a comprehensive solution for securing deployment pipelines in this 31-minute conference talk from KubeCon + CloudNativeCon. Discover how Shopify addresses the challenge of deploying arbitrary code to production while maintaining security. Learn about running checks on containers to assess vulnerabilities and software updates, implementing signature-based verification using Grafeas, and enforcing security policies with the Kritis admission controller. Understand the importance of logging container metadata throughout its lifecycle for potential recalls and redeployments. Gain insights into leveraging Grafeas and Kritis as powerful tools within the Kubernetes ecosystem to prevent privilege escalation via code deployment.
Syllabus
Intro
Overview
Attaching Checks
Voucher
Break Glass
Summary
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube