Paved Paths Leading the Way to Compliance
36 min

Paved Paths Leading the Way to Compliance

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Brian Nielsen
kubernetes cncf backstage developer-portal compliance platform-engineering api-design software-catalog asset-management microservices ci-cd policy-as-code
Malicious Compliance: Reflections on Trusting Container Scanners
36 min

Malicious Compliance: Reflections on Trusting Container Scanners

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Ian Coldwater Duffie Cooley Brad Geesaman Rory McCune
container-scanning kubernetes security vulnerability-management docker sbom ci-cd supply-chain-security policy-as-code cloud-native alpine-linux go
The Compliance Business Case for Kubernetes in the EU: Get Ready for EUCS
35 min

The Compliance Business Case for Kubernetes in the EU: Get Ready for EUCS

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Robert Ficcaglia Anders Eknert
kubernetes eucs compliance policy-as-code opa rego cncf cloud-native security auditing governance oscal
State of the Mop: Cloud Custodian in 2023
19 min

State of the Mop: Cloud Custodian in 2023

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Jorge Castro Kapil Thangavelu
cloud-custodian kubernetes policy-as-code infrastructure-as-code aws azure gcp terraform cloud-governance finops compliance python
Automating Configuration and Permissions Testing for GitOps with OPA Conftest
30 min

Automating Configuration and Permissions Testing for GitOps with OPA Conftest

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Eve Ben Ezra Michael Hume
gitops opa conftest kubernetes policy-as-code ci-cd configuration-management testing automation validation devsecops argo-cd
Kyverno Introduction and Deep Dive
36 min

Kyverno Introduction and Deep Dive

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Charles-Edouard Brétéché Jinhong Brejnholt
kyverno kubernetes policy-engine security automation validation software-supply-chain-security governance policy-as-code
Checking the Chains at the Gate: Building Supply Chain Policies with Gatekeeper and Ratify
37 min

Checking the Chains at the Gate: Building Supply Chain Policies with Gatekeeper and Ratify

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Jeremy Rickard
kubernetes supply-chain-security gatekeeper ratify opa rego oci admission-controller policy-as-code sbom ci-cd
Zero Privilege Architectures
31 min

Zero Privilege Architectures

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Thijs Ebbers Diana Iordan
zero-privilege zero-trust cloud-native kubernetes ci-cd infrastructure-as-code policy-as-code data-services observability iam immutable-infrastructure security-architecture