Securing the software supply chain security has become extremely critical for all organizations. While emerging standards like SLSA can help secure build environments, how should Kubernetes administrators verify the integrity of their container images in production?

In this session, Jim Bugwadia and Chip Zoller will demonstrate how Kyverno, a Kubernetes native policy engine, can be used to verify image signatures and in-toto attestations during admission controls via periodic scans. The session will introduce and demonstrate new features, coming in Kyverno 1.7, for flexible policy-based verification of images to help secure Kubernetes software supply chains.