DevSecOpsify your Nomad Deployments with NACP and Notary

DevOps is fun, everyone can deploy whatever they want! What could possibly go wrong.

Sure you can verify your SBOM during build time, but how can you ensure that this is actually the thing that is deployed?
The Nomad Admission Control Proxy (NACP) makes sure nothing sneaks into your cluster.

In this Talk we look at how we can leverage NACP to check that people submit only jobs with images that are specified via their immutable digests. To be even more secure NACP recently learned how to use Notary’s notation lib to check if images are signed off by all your security checks they passed during build time.