
Security Champion Norge
During a session at ‘Security Champion Norge’, I presented on Software Supply Chain Hardening, focusing on the importance of signing containers and Git commits using cosign, and subsequent verification within a Kubernetes cluster using Kyverno and ArgoCD. My presentation addressed the critical role of supply chain hardening in secure software development and deployment. I detailed the process of commit signing, outlining its benefits in maintaining code integrity and providing traceability, hence mitigating the risk of unauthorized or harmful alterations....