IMPORTANT NOTE: Due to the nature of tutorials, this session has been placed in a smaller capacity room to help facilitate a conducive learning environment. Space is very limited and seating will be given on a first come-first serve basis. The tutorial will be recorded and viewed on the
CNCF YouTube channel after the event concludes. Thank you for your understanding.
How secure is your deployment pipeline? Is image integrity verified or can any user deploy any image to production? Are those images scanned for known CVEs? And are security policies enforced to harden the cluster at runtime?
This tutorial covers current best practices for enhanced Kubernetes cluster security. It is led by core contributors and subject matter experts, and provides hands-on experience with Notary, admission controllers, and vulnerability scanning.
It teaches integrating image signing and vulnerability scanning into a pipeline through live examples, and demonstrates how to configure Kubernetes to enforce security policies and image integrity.
Attendees should expect to learn how to utilise state-of-the-art CNCF and OS tooling, and frustrate potential attackers throughout the deployment lifecycle.
Requirements: internet-capable laptop, a local Minikube installation.