Loading…
February 1-2, 2023 | Seattle, WA
View More Details | Registration Information

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for CloudNativeSecurityCon North America 2023 to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Standard Time (PST), UTC -8. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

The schedule is subject to change.
Back To Schedule
Wednesday, February 1 • 2:00pm - 2:05pm
⚡ Lightning Talk: A Secure Software Supply Chain for Open Policy Agency (OPA) Policies - Omri Gazitt, Aserto

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
Open Policy Agent (OPA) is gaining widespread acceptance as a mature decision engine for enforcing policies in a variety of domains, including Kubernetes admission control (Gatekeeper), configuration file policies (Conftest), and application / API authorization (Topaz). Indeed, OPA policies are becoming an integral part of the cloud-native software supply chain. Security and operations teams have tools for packaging and signing application artifacts, and they need the same capabilities for OPA policies. This lighting talk will describe how to build, tag, and sign OPA policies as OCI containers using the policy CLI, an open source tool that is part of the Open Policy Registry (OPCR) project. The policy CLI can be used to pull and push OPA policies OCI-compliant registries, such as OPCR, GHCR, Docker, or AWS Container Registry. Finally, OPA can now natively pull policy bundles from OCI artifact registries.
Speakers
avatar for Omri Gazitt

Omri Gazitt

Co-founder & CEO, Aserto
Omri is the co-founder/CEO of Aserto.com, an authorization startup, and his 3rd entrepreneurial venture. He spent the majority of his 30-year career working on developer & infrastructure tech, most recently as the CPO of Puppet. Previously he was the VP & GM of HP's Cloud Native Platform... Read More →

Cloud Native SecurityCon Feb 2023 final pdf
Wednesday February 1, 2023 2:00pm - 2:05pm PST
Room 602/603
  ⚡Lightning Talks, Supply Chains
  • Content Experience Level Any
  • Presentation Slides Attached Yes