YoVDO

Securing the Deploy Pipeline

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Conference Talks Courses DevOps Courses Kubernetes Courses Container Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a comprehensive solution for securing deployment pipelines in this 31-minute conference talk from KubeCon + CloudNativeCon. Discover how Shopify addresses the challenge of deploying arbitrary code to production while maintaining security. Learn about running checks on containers to assess vulnerabilities and software updates, implementing signature-based verification using Grafeas, and enforcing security policies with the Kritis admission controller. Understand the importance of logging container metadata throughout its lifecycle for potential recalls and redeployments. Gain insights into leveraging Grafeas and Kritis as powerful tools within the Kubernetes ecosystem to prevent privilege escalation via code deployment.

Syllabus

Intro
Overview
Attaching Checks
Voucher
Break Glass
Summary


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Introduction to Cloud Infrastructure Technologies
Linux Foundation via edX Scalable Microservices with Kubernetes
Google via Udacity Google Cloud Fundamentals: Core Infrastructure
Google via Coursera Introduction to Kubernetes
Linux Foundation via edX Fundamentals of Containers, Kubernetes, and Red Hat OpenShift
Red Hat via edX