Signed, Sealed, Delivered - Sign and Verify All the Things
CNCF [Cloud Native Computing Foundation] via YouTube
Build GenAI Apps from Scratch — UCSB PaCE Certificate Program
AI, Data Science & Cloud Certificates from Google, IBM & Meta
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
This conference talk explores how digital signing and policy enforcement can protect against supply chain threats in cloud native environments. Learn how CNCF projects like ORAS, Notary, Flux, and Kyverno work together to ensure everything in production clusters—from images to configuration YAML—comes from trusted sources and hasn't been tampered with. Discover practical solutions for cluster operators facing challenges like rate-limiting, unauthorized configuration changes, and registry tampering. Follow along as Jeremy Rickard from Microsoft demonstrates a complete end-to-end implementation and access sample code from a provided GitHub repository to enhance your cluster security posture.
Syllabus
Signed, Sealed, Delivered - Sign and Verify All the Things - Jeremy Rickard, Microsoft
Taught by
CNCF [Cloud Native Computing Foundation]