Container Security: Building trust in your software supply chain | C2C Community

Container Security: Building trust in your software supply chain

  • 30 August 2022
  • 0 replies

Userlevel 7
Badge +19

Whether building an application on Kubernetes, Serverless, or Virtual Machine, end-to-end security is crucial to mitigate the rapid growth in open source software, as well as recent cybersecurity attacks and data breaches. The following video will help you to learn about how you can adopt an in-depth, security-first approach with Google Cloud that embeds security and compliance at every step of your software lifecycle. 


1. Secure Software Supply Chain Keynote

Speaker: Pali Bhat, Eric Brewer, Aparna Sinha, Phil Venables, Brenna Washington, Dustin Ingram, Shane Lawrence
They We'll discuss the state of the container security industry, including the lessons you can learn from recent breaches, plus best practices you can implement today to secure the software supply chain and establish trust throughout the delivery process.




2. Lurking in the deep: Control your open source dependencies

Speaker: Nicky Ringland, Don McCasland
Nearly all software depends on open source and other external, third-party building blocks, which have become common attack vectors. Watch the video below about to secure your software supply chain dependencies, including a demo of best practices.



3. Chain of trust: Strengthening build security

Speaker: David Jacobs, Anthony Bushong
Software security requires a secure build environment -- from source code to artifacts to other build dependencies. Watch the video below about stringent security principles you can apply to the build process, including a demo of an enterprise-ready secure CI/CD pipeline.




4. Deploy and run with confidence: Shield production workloads

Speaker: John Murray, Abby Carey
How do you ensure only authorized builds make it to production, plus scope the blast radius of vulnerabilities in production? watch the video below about the best practices for scanning your applications for potential vulnerabilities along with deploying and running securely.



5. Make it so! Policy and security as code

Speaker: John Murray, Abby Carey
Policy-as-code improves security guardrails for production deployment and speeds up your development cycle, but how do you create and enforce a unified set of policies? watch the video below about how to draft easy to maintain policies that are readable and auditable across your local development environment, CI, and CD.


0 replies

Be the first to reply!