Dates
Conferences
Tags
Sort by:
Most recent
Conference: Cloud Native SecurityCon North America 2022
Authors: Tracy P Holmes, Raymond de Jong
2022-10-25
tldr - powered by Generative AI
The presentation discusses how to enforce network policies using Psyllium and Kubernetes to ensure least privilege security between microservices.
- Psyllium and Kubernetes can be used to enforce network policies for microservices
- Least privilege security can be achieved by filtering HTTP requests and restricting API access
- L7 security policies can restrict access to required API resources
- Psyllium website provides resources and a helpful Slack community for beginners and contributors
Conference: Cloud Native SecurityCon North America 2022
Authors: Cole Kennedy
2022-10-24
tldr - powered by Generative AI
Witness is an open-source project that allows software producers to make and verify attestations about the software they produce, making it easy to produce verifiable evidence for software builds. Archivist is a platform that stores these attestations. The goal is to automate pipeline compliance and ensure that the build materials that are expected to go into the build actually do go into that build.
- Witness implements the internal specifications and allows software producers to make and verify attestations about the software they produce
- It has integrations with open-source projects such as Sig store, Inspire, GitHub, and GitLab
- Witness makes it easy to produce verifiable evidence for software builds
- It supports both containerized and non-containerized workloads
- Archivist stores these attestations
- The goal is to automate pipeline compliance and ensure that the build materials that are expected to go into the build actually do go into that build