A presentation at KubeCon + CloudNativeCon NA 2025 in in Atlanta, GA, USA by Aurélie Vache
Congratulations! You’ve successfully built and pushed your container image to a registry, but are you ready to deploy to production? Is your SecOps team confident with your container’s robustness in the face of production environments?
How do you ensure the image you’ve built is the one running? Are you sure it is composed of vulnerability-free software and that your supply chain hasn’t been compromised along the way?
Don’t panic! In this fun and dynamic talk, you can learn and/or improve your knowledge, about the way to secure your containers, with supply chain security.
With a mix of quiz and live demos, you will discover or dig into several supply chain concepts and frameworks, CNCF and open source projects like SBOM, SigStore, SLSA, OpenSSF, VEX, GUAC, in-toto and many more!
Are you up for this new quiz challenge? Icing on the cake: Top scores will win some swags.
