Filling the Gaps in Kubernetes Flavored SLSA with Threat Modeling - Christie Wilson & Priya Wadhwa

Christie Wilson, Google & Priya Wadhwa, Chainguard

SLSA is an emerging standard for supply chain security that makes it easier to reason about threats and mitigations, but how do we make it work for Kubernetes? It can be difficult to analyze the security posture of a Kubernetes based CI/CD platform, let alone mitigate the threats. Threat modeling to the rescue!

Using Tekton as a case study, Priya and Christie will walk you through a threat model analysis of CI/CD execution on Kubernetes, identifying trust boundaries that can be exploited by malicious external actors, internal actors and even privileged admins, and mapping these trust boundaries to SLSA standards. They will demo how Tekton has complied with this standard by utilizing open source projects like Sigstore and SPIRE.

You'll leave this talk with a deeper understanding of supply chain security and of how to mitigate potential threats to building artifacts on Kubernetes.

Video "Filling the Gaps in Kubernetes Flavored SLSA with Threat Modeling - Christie Wilson & Priya Wadhwa" by Python Перспективы