We’re excited to be in Amsterdam next week for KubeCon EU 2023. Be sure to find us at Booth SU64 on April 19-21 where we’ll have personalized demos of the Chainguard platform, Chainguard swag and an interactive game (with a leaderboard!) to conquer high or critical CVSS scores in your supply chain. Anyone who stops by the Chainguard booth will have an opportunity to play and have their specially generated username and score shown on our KubeCon EU leaderboard. Every day, the highest score will receive an exclusive Chainguard swag pack and a $50 giftcard to the delivery service of their choice (DoorDash, UberEats, etc).
If you’re spending countless hours trying to patch and triage CVEs in your container images, you don’t want to miss our Chainguard Images demo next week. We’ll be showing side by side comparisons of Chainguard Images that demonstrate their minimal size and presence of fewer CVEs compared to other options. Or if you are a developer looking for more observability and discoverability capabilities in your toolset, come check out how the Chainguard Enforce platform provides you with an instant view of what software you are running, where it came from and what your dependencies are.
Here’s a quick look at where you can find the Chainguard team at scheduled conference talks and sessions and after hours events.
Chainguard Talks
Wednesday, April 19
14:30-15:05pm CEST
Filling the Gaps in Kubernetes Flavored SLSA with Threat Modeling
Chainguard Software Engineer Priya Wadhwa and Google Software Engineer Christie Warwick (Wilson) will walk through a threat model analysis of CI/CD execution on Kubernetes, identifying trust boundaries that can be exploited by malicious external actors, internal actors and even privileged admins by mapping these trust boundaries to SLSA standards. The session will feature a demo of how Tekton has complied with this standard by utilizing open source projects like Sigstore and SPIRE. Leave this talk with a deeper understanding of supply chain security, including how to mitigate potential threats when building artifacts on Kubernetes.
16:30-17:05pm CEST
No Fear, Falco Is Looking After Us!
In this session, experienced Falco contributors–including Chainguard Staff Engineer Carlos Panato–will introduce the project and its ecosystem, present the most recent developments in the space and show how to get involved as contributors and adopters. Topics of broad and current interest include the project’s recent submission for graduation, the improved eBPF support, the security enhancements, news about falcoctl and ecosystem integrations and the envisioned roadmap for the project.
Thursday, April 20
11:00-11:35am CEST
Life of a CVE with Ingress-Nginx; Understanding the Project's Release Cycle
Chainguard Solutions Architect James Strong and Dylen Turnbull, Developer Advocate, NGINX Part of F5, will discuss how they work to improve the release process of ingress-nginx to keep Ingress-nginx CVE-free with real-world examples. Topics include current release process and the ongoing work with sig-release and sig-security to increase release velocity, reduce complexity and increase the security of ingress-nginx.
16:30-17:05pm CEST
Secure Your Project with the SIG Release Supply Chain Kit
Over the past two years, Kubernetes SIG Release shifted focus from automating the Kubernetes release process to building stronger security features. All this work done by the Release Engineering team has been packaged into tools that anybody can use to harden their project's supply chain security stance. In this talk, Chainguard Staff Engineers Adolfo García Veytia and Carlos Panato will discuss the toolkit, which lets users pick and choose from the same components that Kubernetes SIG Release Managers use to secure the Kubernetes releases with features like: SBOMs, signed SLSA provenance attestations, signed container images and artifacts and secure GitHub release pages.
Friday, April 21
11:55am-12:30pm CEST
Kubernetes SIG CLI: Intro and Updates
SIG CLI is the special interest group for the command line tooling of the Kubernetes project. The SIG maintains kubectl, kustomize, and related libraries. In this session, the SIG CLI leads including Chainguard Software Engineer Eddie Zaneski will provide an introduction to the SIG and an overview of how to contribute. They will share the work done over the past year and present KEP3659, an exciting new specification and strategy for maturing kubectl, which has been in alpha for more than twenty releases.
After hours
Chainguard is partnering with Sysdig, Snyk and Tetrate to host an evening of networking, games and more at the Heineken Experience on Tuesday, April 18th from 18:00 – 21:00pm CEST. The event will be located at the Heineken Brewery, Stadhouderskade 78, 1072AE, Amsterdam, The Netherlands. Enjoy great food, local beer and non-alcoholic beverages alongside engaging conversations with leading open source and cloud native security organizations. Chainguard engineers, DevRel and solution architects will be there to talk about all things software supply chain and open source security. Register here.
It wouldn’t be a conference without our Chainguardians doing karaoke! We’re thrilled to sponsor the Spring Kuberoke community event on Wednesday, April 19 from 21:00pm - 1:00am CEST at Amsterdam’s premier Karaoke bar, KTV Bar. Join the Kuberoke community and event sponsors for an evening karaoke, an open bar and light snacks.
Space is limited and will be available as capacity allows throughout the night. Register here.
Reach out to our team to learn more or to schedule a conversation ahead of KubeCon EU.
See you in Amsterdam!
