August 23-34, 2022 - Virtual
Wednesday, August 24 • 1:15pm - 1:55pm
Building a Secure By-Design Pipeline with an Open Source Stack - Rotem Refael, ARMO [Presented in English]

CI/CD has become the core of all engineering organizations, particularly as engineering velocity increases, along with the number of services that are managed, deployed & updated constantly, & the diversity of 3rd-party applications our pipelines integrate with. That is why ensuring the security of our CI/CD pipeline is no longer “nice to have”, but a critical piece when delivering our software to production. In this talk we’d like to walk you through the process of building an end-to-end secure pipeline, and the gotchas to look out for when it comes to pipeline security, from misconfigurations in IaC & YAML, to overly permissive CPU limits, and even insecure tagging between dev & prod. We’ll take a deep dive into how we secure our code & configuration, the pipeline itself & its integrations (SBOM), and our K8s deployments, and how we ensure that we have continuous visibility with the right monitoring controls in place. All this will be demoed as code with a tried & true open source stack: from VSCode to Helm for the code & config, to Jenkins & CircleCI for the pipelines, best practices for deployment security, and how to bake in good observability with Prometheus & Lens. We’ll wrap up with some recommended extensions to help secure our pipelines by design, without changing our deployment structure.

Rotem Refael

Director of Engineering, ARMO
Rotem is Director of Engineering at ARMO, where she contributes to the Kubescape open source project, as well as other open source projects, as a staunch and passionate supporter of making open source security better and more accessible for everyone. Rotem is an engineering veteran...

Wednesday August 24, 2022 1:15pm - 1:55pm EDT