Thursday Jun 29
10:20 –
11:10
Effectenbeurszaal
Building Images for the Secure Supply Chain
Security scans getting you down? Users complaining they can't verify your images? Have no idea if your systems are vulnerable to the latest exploit? Want to improve your SLSA level but don't know where to start? You're not alone - all organisations face these issues. This talk will walk through techniques and tooling that you can use today to address these concerns. In particular it will cover:
- The distroless philosophy; why minimal images can save you from scan report purgatory
- The importance of updating images and dependencies
- Using apko to build container images with SBOMs and complete reproducibility
- Signing images with Sigstore
kubernetes
cloud native
security
supply chain
Keynotes
-
Failure Is Always An OptionDylan BeattieWednesday Jun 28, 13:20
-
Flow. The Worst Software Development Approach in HistoryKim van WilgenSander HoogendoornThursday Jun 29, 13:30
-
Programming's Greatest MistakesMark RendleWednesday Jun 28, 16:40
-
Demystifying Blockchain - From Infrastructures via Smart Contracts to ApplicationsOlivier RikkenTuesday Jun 27, 13:20
-
SecurityBert HubertTuesday Jun 27, 16:40
-
Coming soonThursday Jun 29, 09:10
-
Coming soonErik ScherderWednesday Jun 28, 09:10
-
Coming soonThursday Jun 29, 15:40
-
How the Hack?Ben SadeghipourTuesday Jun 27, 09:10