Protect the Pipe! A Policy-based Approach for Securing CI/CD Pipelines - Shripad Nadgowda, IBM Research & Jim Bugwadia, Nirmata

less than 1 minute read

Abstract

Modern applications are composed of hundreds of packages and delivered to production via automated CI/CD pipelines. With rapid delivery comes the growing risk of attacks, vulnerabilities, and misconfigurations. Protecting these critical assets requires policy-based controls for CI/CD pipeline composition, configurations and execution. In this session, Shripad and Jim will present a cloud-native security framework for Tekton pipelines using in-toto, Kyverno and sigstore. They will discuss the unique security challenges for CI/CD pipelines, and then demonstrate the use of open-source tools to attest and verify each pipeline resource and execution step using declarative policies.Click here to view captioning/translation in the MeetingPlay platform!

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

Protect the Pipe! A Policy-based Approach for Securing CI/CD Pipelines - Shripad Nadgowda, IBM Research & Jim Bugwadia, Nirmata

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google