CNCF-hosted Co-located Events Europe 2024 taking place on 19 March. This event is happening in person at Paris Expo Porte De Versailles in Paris, France. The Sched app allows you to build your schedule, but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2024, and have an All-Access pass in order to participate in the sessions.
To view the full event schedule for a specific CNCF-hosted Co-located event, you can use the right-hand navigation bar to sort and filter.
Like bees making honey, we developers forage the internet for code that we borrow and thread together to create software. It’s built, uploaded and shared, resulting in hundreds of thousands (if not millions) of software artifacts being built each day. For an unlucky few, attackers seek to infiltrate the build process like a hornet attacking a beehive. If they successfully attack a project with a large userbase, the impact could be be unprecedented, leading to the big bad ‘Game Over’ message rolling across the screen. In 2022, A Kubernetes-aware, Security Observability tool called Tetragon released. This talk shows how the project serves as the key to the creation of a tool for securing build systems on Kubernetes. By leveraging Tetragon and eBPF, Attestagon aims to produce concise and cryptographically verifiable metadata. Come to this talk if you wish to see how any busy bee can inspect it to see whether a package was indeed sealed and delivered in the way the author intended.
Tom is an engineer who works for TestifySec as an Open Source Engineer. After becoming intrigued by the space, he decided to dive into the world of supply-chain security (mostly software, but also some strange food analogies). By being enabled by initiatives like the OpenSSF, in-toto... Read More →