webinar register page

This webinar is for users with a Zoom account. New to Zoom? Sign up free.
CNCF Member Webinar: Advancing image security and compliance through Container Image Encryption!
When it comes to container image security, you may have heard about image signing, which helps ensure the integrity and provenance of a container image. However, security gaps remain for protecting the confidentiality of the images and ensuring untrusted hosts cannot run them. For example, if a registry is compromised, we don’t want our top secret algorithms to be stolen!

In this webinar, we will introduce Container Image Encryption, a recently introduced capability to provide developers a way to protect sensitive contents of their container images. This is a cross project effort spanning multiple projects including containerd, crio, skopeo, buildah, and OCI. We will perform a deep dive into the image encryption technology, and show a demo on the end-to-end developer flow, from building and encrypting the image, pushing it to a registry, and decrypting and running it on a kubernetes cluster.

Finally, we will show an example of how the technology can help meet compliance requirements through geofencing execution of container workloads. i.e. being able to say “a container workload should only be runnable by clusters in the EU region."

Jul 15, 2020 10:00 AM in Pacific Time (US and Canada)

Webinar logo
* Required information


Brandon Lum
Senior Software Engineer @IBM
Brandon loves designing and implementing computer systems (with a focus on Security, Operating Systems, and Distributed/Parallel Systems). He enjoys tackling both technical and business challenges and has a side interest in organizational behavior and leadership. At IBM Research, Brandon designs, architects and develops for problems at the intersection of Cloud and Security. He works on various security areas such as: Container content protection via encryption and image signing, identity, and techniques to reduce the attack surface on the kernel.