December 9, 2019

195 words 1 min read

Binary Authorization in Kubernetes

Binary Authorization in Kubernetes

Kritis is an open-source solution for securing your software supply chain for Kubernetes applications. Kritis enforces deploy-time security policies that ensures only trusted container images are depl …
Talk Title Binary Authorization in Kubernetes
Speakers Liron Levin (Chief software architect, Palo alto networks), Aysylu Greenberg (Senior Software Engineer, Google)
Conference KubeCon + CloudNativeCon North America
Conf Tag
Location San Diego, CA, USA
Date Nov 15-21, 2019
URL Talk Page
Slides Talk Slides
Video

Kritis is an open-source solution for securing your software supply chain for Kubernetes applications. Kritis enforces deploy-time security policies that ensures only trusted container images are deployed on kubernetes to your cluster. With Kritis, you can require images to be signed by trusted authorities during the development process and then enforce signature validation when deploying. Kritis enables tighter control over your container environment by ensuring only verified images are integrated into production.Talk outline:- Introduction to the concept of binary authorization- Live demo of using Kritis and Grafeas for deploying images with confidence in Kubernetes- Grafeas and Kritis roadmapAt the end, attendees will gain solid understanding on the process of binary authorization and how to incorporate it in their build and deployment pipelines

container roadm open-source cluster security introduction supply chain pipeline kubernetes oadm
comments powered by Disqus
Intro + Deep Dive: Windows SIG

Intro + Deep Dive: Windows SIG

October 20, 2019

The chairs for SIG-Windows will provide an update on the efforts to bring Windows to Kubernetes. This will concentrate on presenting new features that are being delivered and the General Availability …
Windows SIG

Windows SIG

October 10, 2019

SIG-Windows participants will provide an update on the efforts to bring Windows to Kubernetes. This will concentrate on presenting new features that are being delivered and the General Availability of …
Deep Dive: Harbor - Enterprise Cloud-native Artifact Registry

Deep Dive: Harbor - Enterprise Cloud-native Artifact Registry

December 8, 2019

Harbor is an open-source trusted cloud-native registry project that stores, signs, and scans content. It has been widely used by organizations large and small around the world to resolve both the cont …
Building Images Efficiently and Securely on Kubernetes with BuildKit

Building Images Efficiently and Securely on Kubernetes with BuildKit

November 16, 2019

BuildKit is a modern container image builder that focuses on efficiency and security, mostly known as the backend of Docker 18.06+ and Jessie Frazelle's img. (But it is even useful as a standalone t …
Intro: SPIFFE

Intro: SPIFFE

November 14, 2019

Modern software development relies on many microservices working together, that in production may be distributed over different middleware systems, container schedulers, PaaS platforms and even differ …
Intro: SIG Cluster Lifecycle

Intro: SIG Cluster Lifecycle

October 12, 2019

Sig Cluster-Lifecycle Intro The Cluster Lifecycle SIG is the Special Interest Group that focuses on cluster deployments and upgrades. Our SIG is trying to improve user experiences on bootstrapping a m …