The Basics Of Software Supply Chain Security For Cloud Native Workflows
11-04, 11:25–11:55 (US/Central), ROOM 2

The Cloud Native community has made many strides in improving the security of containers and Kubernetes. The aim of this talk is to showcase these efforts, such as signing Kubernetes artefacts with sigstore, SBOMs for Kubernetes (sigs/bom), etc.
The second part of this talk will focus on how to secure basic cloud native workflows. There will be a demo component that will educate attendees about signing images, generating SBOMs, consuming them, creating deployment policies, and other ways to secure images and other artefacts.


The talk is being prepared for attendees who are already invested in cloud native technologies, but are new to the notion of securing them.
Attendees will be exposed to the basics of what secure software supply chains are and how to start with their personal workflows.
They will also be expected to walk away with an idea about how to start conversations with their teams about securing their workflows better.

Ram Iyengar is an engineer by practice and an educator at heart. He was (cf) pushed into technology evangelism along his journey as a developer and hasn’t looked back since! He enjoys helping engineering teams around the world discover new and creative ways to work. He is a proponent of product development and engineering teams that put the community first.