# Kubernetes Security
Supply Chain Security *Nicholas Dille, Haufe Group*
Docker Captain
Microsoft MVP
[@nicholasdille](https://twitter.com/nicholasdille)
[@nicholasdille@freiburg.social](https://freiburg.social/@nicholasdille)
## Agenda Part 1: Platform-as-a-Service (2023-04-26) Part 2: Network Policies (2023-05-03) Part 3: Policies (2023-05-10) Part 4: Supply Chain Security (2023-05-17) -
Understanding the supply chain -
Identify vulnerabilities in your cluster -
Visualize security state -
Sign and verify container images ### Hourly breaks
##
Dependencies / Vulnerabilites
##
Signatures
##
Upcoming: OCI 1.1
##
Activity
## Summary -
Supply chain security affects dev and ops -
SBOMs document dependencies -
Scanners produce different output -
Vulnerabilities will include false positives -
You are never done with vulnerabilities -
Container image signing for trust
## Summary for Webinar Series -
Security must be addressed on many levels -
Separation of concerns is key -
Least privilege is a must -
Policies help to understand and enforce security -
Supply chain security is still a fast moving field