Supply Chain Reaction - A Cautionary Tale in Kubernetes Security
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Watch this 13-minute keynote presentation that explores how supply chain attacks can bypass even the most secure Kubernetes configurations and learn practical defense strategies using OpenSSF tools. Follow a real-world attack scenario where hackers exploit poisoned commits, tainted build tools, malicious container images, and backdoored dependencies to compromise a seemingly bulletproof K8s cluster protected by network policies, mTLS, restricted API access, GitOps workflows, and automated CI/CD pipelines. Discover how each attack vector can be countered with practical OpenSSF project implementations including Sigstore for container image signing, SLSA attestations for build security verification, OpenVEX and SBOM for dependency protection, and gittuf for source control integrity. Learn actionable strategies for implementing and enforcing OpenSSF tooling coordinated through the OSPS Baseline, understand how to improve CI/CD and GitOps integrity, and see how supply chain hardening creates defense-in-depth security without adding developer burden. Gain insights into transforming your Kubernetes security posture by addressing vulnerabilities that traditional cluster hardening measures cannot protect against.
Syllabus
Keynote: Supply Chain Reaction: A Cautionary Tale in K8s Security - S. Potter & A.G. Veytia
Taught by
CNCF [Cloud Native Computing Foundation]