Binary Authorization in Kubernetes - Aysylu Greenberg, Google & Liron Levin, Palo Alto Networks
Abstract
Kritis is an open-source solution for securing your software supply chain for Kubernetes applications. Kritis enforces deploy-time security policies that ensures only trusted container images are deployed on kubernetes to your cluster. With Kritis, you can require images to be signed by trusted authorities during the development process and then enforce signature validation when deploying. Kritis enables tighter control over your container environment by ensuring only verified images are integrated into production.Talk outline:- Introduction to the concept of binary authorization- Live demo of using Kritis and Grafeas for deploying images with confidence in Kubernetes- Grafeas and Kritis roadmapAt the end, attendees will gain solid understanding on the process of binary authorization and how to incorporate it in their build and deployment pipelines