Verifying Artifacts and CVEs at the Change Boundary

Verifying Artifacts and CVEs at the Change Boundary

Brazos G Wed 10:50AM - 11:30AM

At Thoughtworks, we talk a lot about Compliance at the Point of Change. To simplify, the core of this concept is we give developers freedom by moving all compliance checks to the admission controllers of the deployment platform. This allows devs to completely own the pipelines, and they are responsible for meeting the admission controller requirements on deployment. In this talk, we'll look at how to write admission controllers that block deployments when an application has an invalid SBOM or high severity CVE in it's packages.

Add to calendar
Scroll to Top

Thank You!

Thank you for inquiring about sponsoring swampUP 2024. We’ll be in touch shortly!
Become a Sponsor


September 9-11 | Omni Resort & Spa  | Austin, TX
(All the fields are required)