December 3, 2019

160 words 1 min read

Securing your Kubernetes Delivery Pipelines with Notary and TUF

Securing your Kubernetes Delivery Pipelines with Notary and TUF

As the cloud native ecosystem matures, the focus shifts more towards security. One of the key challenges in this area for enterprises is ensuring that you trust the code that's running in your product …
Talk Title Securing your Kubernetes Delivery Pipelines with Notary and TUF
Speakers Michael Hough (Software Engineer, IBM), Liam White (Software Engineer, IBM)
Conference KubeCon + CloudNativeCon Europe
Conf Tag
Location Copenhagen, Denmark
Date Apr 30-May 4, 2018
URL Talk Page
Slides Talk Slides
Video

As the cloud native ecosystem matures, the focus shifts more towards security. One of the key challenges in this area for enterprises is ensuring that you trust the code that’s running in your production environment and that it hasn’t been tampered with by malicious third parties. In this session, you’ll learn about how Notary addresses this problem, how to get started with Notary and your image registry, and how you can use Kubernetes admission controllers to verify your images against Notary.

code cloud native security ecosystem cloud pipeline kubernetes
comments powered by Disqus
Cloud Native Identity Management

Cloud Native Identity Management

December 2, 2019

Identity Management (IDM) incorporates a definition of identity, authentication and authorization. Cloud native workload IDM is necessary to protect against an untrusted network and compromised or rog …
Keynote: Shaping the Cloud Native Future

Keynote: Shaping the Cloud Native Future

November 30, 2019

Cloud Foundry is an integral part of the movement creating interoperability among the open source, cloud-native ecosystem. Complementary, interlocking open source technologies like Cloud Foundry, Kube …
Challenges to Writing Cloud Native Applications

Challenges to Writing Cloud Native Applications

November 27, 2019

Cloud native means designing software explicitly for the cloud, not trying to deploy to the cloud in retrospect - shoving a single replica of a monolith into Kubernetes wont cut it. Developing for …
Whats in the Box? Resource Management in Kubernetes

Whats in the Box? Resource Management in Kubernetes

November 23, 2019

As the cloud native ecosystem evolves, it is determined to align platforms and technologies into a well-orchestrated infrastructure for optimum utilisation of compute, network and storage. This infras …
From Kubelet to Istio: Kubernetes Network Security Demystified

From Kubelet to Istio: Kubernetes Network Security Demystified

November 20, 2019

Kubernetes provides multiple layers of network security including the control plane, etcd, the CNI network, network policies, and - with Istio on top - the requests between applications themselves. In …
Securing Serverless Functions via Kubernetes Objects

Securing Serverless Functions via Kubernetes Objects

November 19, 2019

Serverless is fast becoming a new application architecture paradigm. As glue code that links cloud services together it is tempting to forget about the security of functions being deployed. In this ta …