The Cloud Native community has made many strides in improving the security of containers and Kubernetes. The aim of this talk is to showcase these efforts such as signing Kubernetes artefacts with sigstore, SBOMs for Kubernetes (sigs/bom), etc.
The second part of this talk will focus on how to secure basic cloud native workflows. The will be a demo component that will educate attendees about signing images, generating SBOMs, consuming them, creating deployment policies, and other ways to secure images and other artefacts.