YoVDO

Securing the Deploy Pipeline

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Conference Talks Courses DevOps Courses Kubernetes Courses Container Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a comprehensive solution for securing deployment pipelines in this 31-minute conference talk from KubeCon + CloudNativeCon. Discover how Shopify addresses the challenge of deploying arbitrary code to production while maintaining security. Learn about running checks on containers to assess vulnerabilities and software updates, implementing signature-based verification using Grafeas, and enforcing security policies with the Kritis admission controller. Understand the importance of logging container metadata throughout its lifecycle for potential recalls and redeployments. Gain insights into leveraging Grafeas and Kritis as powerful tools within the Kubernetes ecosystem to prevent privilege escalation via code deployment.

Syllabus

Intro
Overview
Attaching Checks
Voucher
Break Glass
Summary


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Maintaining Deployment Security in Microsoft Azure
Pluralsight Microsoft Azure Security Engineer: Configure Advanced Security for Compute
Pluralsight Microsoft Azure Security Technologies (AZ-500) Cert Prep: 2 Implement Platform Protection
LinkedIn Learning Securing Containers and Kubernetes Ecosystem
LinkedIn Learning Performing DevSecOps Automated Security Testing
Pluralsight