30-minute talk on the evolving threat landscape around Helm charts in public repositories. We’ll discuss real-world incidents such as the Codecov supply chain attack and hypothetical attack vectors like 'ChartSploit', highlighting how seemingly benign configurations can be exploited. Topics include anatomy of vulnerable charts, risk areas (RBAC misconfigurations, dependency vulnerabilities), and actionable strategies to secure Kubernetes environments—auditing deployments, verifying chart integrity, enforcing strict access controls, and adopting DevSecOps practices.
talk-data.com
Speaker
Nigel Douglas
Head of Developer Relations
Cloudsmith
Nigel Douglas is the Head of Developer Relations at Cloudsmith. He champions Cloudsmith’s developer ecosystem by creating compelling educational content, engaging with developer communities, and promoting Cloudsmith as the go-to solution for artifact management and supply chain security. Nigel helps build and shape the DevOps community through events, tutorials, and innovative programs.
Bio from: Are your Helm charts secure? Uncovering hidden supply chain threats
Identifying vulnerabilities in public Kubernetes Helm charts
Talks & appearances