Deep dive into the secure software supply chain on IaC
Cloud
Deep dive into the secure software supply chain on IaC
About
Deep dive into the secure software supply chain on IaC
About
In this talk I’ll explain what is the Software Supply Chain, common threats and mitigations and how they apply to IAC ecosystem too. I’ll show off security threats using Terraform and its ecosystem and finally i’ll talk about OCI images talking about digital signatures and SBOM using Sigstore and Syft. I’ll do a live coding session showing off how to deploy secure OCI images on K8S cluster with security policies built with Kyverno, the session includes also security scanning using the generated SBOM.
Language
Italian
Level
Intermediate
Length
43 minutes
Type
conference
About the speaker
About the speaker
Paolo Mainardi
speaker •
Details
Language
Italian
Level
Intermediate
Length
43 minutes
Type
conference