Vulnerability Management for Go
22 min

Vulnerability Management for Go

GopherCon - GopherCon 2023
Julie Qiu
go go-modules dependabot osv go-vulnerability-database vulnerability-management software-supply-chain security static-analysis cicd github-actions
From Model to Production: A Unified Journey
28 min

From Model to Production: A Unified Journey

MLOps World - MLOps World & Generative AI World 2024
Yuval Fernbach
mlops machine-learning devops software-supply-chain generative-ai data-science deployment security vulnerability-management model-registry ci-cd containerization
Building SLSA 3 Conforment Attestors for Artifacts Generated on GitHub
34 min

Building SLSA 3 Conforment Attestors for Artifacts Generated on GitHub

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Ian Lewis Asra Ali
slsa supply-chain-security github-actions software-supply-chain provenance attestation container-images ci-cd open-source-security build-automation security-frameworks
Hardening Kubeflow Security for Enterprise Environments
41 min

Hardening Kubeflow Security for Enterprise Environments

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Julius von Kohout Diana Dimitrova Atanasova
kubeflow kubernetes mlops security enterprise-security authentication authorization rbac vulnerabilities cvss software-supply-chain ci-cd
Secure Your Project with the SIG Release Supply Chain Kit
30 min

Secure Your Project with the SIG Release Supply Chain Kit

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Adolfo Garcรญa Veytia Carlos Panato
supply-chain-security sbom slsa container-signing github-actions ci-cd kubernetes release-engineering provenance cosign six-store software-supply-chain
Life of a CVE with Ingress-Nginx; Understanding the Project's Release Cycle
32 min

Life of a CVE with Ingress-Nginx; Understanding the Project's Release Cycle

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
James Strong Dylen Turnbull
cve ingress-nginx release-cycle kubernetes nginx security vulnerability-management software-supply-chain open-source cloud-native
Why You Should Care About Open Source Supply Chain Security
32 min

Why You Should Care About Open Source Supply Chain Security

PyCon - PyCon US 2023
Nina Zakharenko
supply-chain-security open-source-security software-supply-chain security-auditing vulnerability-management dependency-management python security-practices