Secure the pipeline: How we’ve built a secure Kubernetes CI/CD pipeline

DevSecCon Tel Aviv 2018 Speaker
07 May 2018
14:45 - 15:20
Convention hall A4

Secure the pipeline: How we’ve built a secure Kubernetes CI/CD pipeline

Everybody wants to run their code on Kubernetes these days, but it requires a radical change to your deployment process. You want to make sure you don’t create new vulnerabilities when you take this leap. What kind of security tests can you run in this pipeline to assert that this code does not contain any known vulnerabilities?

At Soluto, we started to migrate services to Kubernetes in the recent months, and we would like to share with you what we did. In this session I’m planning to cover our CI/CD pipeline, and give extra attention to the following points:

  • Scanning code dependencies
  • Scanning containers
  • Testing for insecure Kubernetes configurations
  • Securely deploy to Kubernetes cluster

Join this session to hear our story and learn about many useful tools you can start using today to deploy secure apps to your Kubernetes cluster. All the tools I’ll present are open source tools, so using them should be as simple as possible.

This website uses cookies to ensure you get the best experience on our website More info

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Got it!" below then you are consenting to this.

Close