Philipp Bergsmann
Philipp is part of the EMEA OpenShift Black Belt team at Red Hat, focusing on the managed cloud offerings. He has worked in the IT industry for about 20 years in various roles, from development to cloud infrastructure consulting. Over the last few years, Philipp has worked extensively on Kubernetes-related topics, planning and implementing Kubernetes platforms with various local and international companies.
Session
In this session, we will demonstrate how to implement DevSecOps pipelines in production using Stackrox and Tekton and other Open Source Security tools such as Sigstore among others.
We will demonstrate how to eliminate security risks on our CICD pipelines implementing DevSecOps, and securing the software supply chain providing continuous scanning and runtime protection. On the other hand, we will demonstrate how to shift the security left, detecting and remediating vulnerabilities and misconfigurations that could affect the security of our workloads in production.
Finally we will depict how to provide to the developers automated guardrails, integrating Stackrox with DevOps and security tools such as Sigstore and Quay among others, building robust productive DevSecOps pipelines.