Conference:  KubeCon + CloudNativeCon Europe 2023

Authors: Alex Ilgayev, Elad Pticha

2023-04-21

The presentation discusses the importance of secure authentication in CI/CD pipelines and the potential vulnerabilities of using tokens. The solution proposed is to use OpenID Connect (OIDC) for authentication.

• CI/CD pipelines require secure authentication with third-party providers
• Tokens are a popular method of authentication but can be vulnerable to breaches
• Examples of breaches include CircleCI and Codecov
• OpenID Connect (OIDC) is a solution that extends the capabilities of OAuth 2.0 and uses JSON web tokens (JWT) for authentication
• OIDC is standardized and allows for third-party verification of user identity

Conference:  Cloud Native SecurityCon North America 2022

Authors: Tobin Feldman-FItzthum, Mikko Ylinen

2022-10-25

Typical data protection ensures data is encrypted while in transit and at rest. Confidential computing (CC) adds data protection while data is in use, in memory, enabling end-to-end protection. Highly regulated industries such as finance and health care are driving the market for CC. Cloud service providers are adding CC capabilities in their offerings. In parallel the open-source cloud native ecosystem is seeing more new projects and start-ups building upon CC. For instance, the CNCF recently accepted the sandbox project Confidential Containers with active participation from different hardware and software vendors and CSPs. In this workshop we will talk about CC in cloud native. We will start by giving an overview of CC and a detailed introduction to the Confidential Containers project and its building blocks. Next, we walk the audience through detailed steps to get the Confidential Containers environment set up. Finally, we want to leave some time for interactive discussion with the audience about cloud native use cases and CC.

Conference:  KubeCon + CloudNativeCon North America 2021

Authors: Evan Anderson

2021-10-14

The presentation discusses the importance of up-leveling the developer experience beyond Docker files and Kubernetes by standardizing runtime contracts and using build packs.

• Developers need higher level abstractions beyond Docker files and Kubernetes
• Standardizing runtime contracts can simplify container building
• Build packs can save effort and help detect vulnerabilities
• Community maintenance of baseline pieces can reduce redundancy