Topic

helm

Activities

1

tagged

Activity Trend

3 peak/qtr

2020-Q1 2026-Q1

Top Events

Workshop: Pulumi and Kubernetes - Better Together 1 Identifying vulnerabilities in public Kubernetes Helm charts 1 Are your Helm charts secure? Uncovering hidden supply chain threats 1 Governing and Evaluating Generative & Agentic AI in Regulated Industries 1 How is tooling for Data Scientists evolving in the era of AI-assist development? 1 Workshop: Pulumi and Kubernetes - Better Together 1 Are your Helm charts secure? Uncovering hidden supply chain threats 1 Governing and Evaluating Generative & Agentic AI in Regulated Industries 1 BLN DevOps July edition #49 1

Top Speakers

Nigel Douglas (Cloudsmith) 3 Josh Kodroff (Pulumi) 2 David Talby (John Snow Labs and Pacific AI) 2 Raluca Crisan (etiq.ai) 1

Activities

Showing filtered results

All Video Podcast Book

Filtering by: Identifying vulnerabilities in public Kubernetes Helm charts ×

Securing Helm charts in public repositories

2025-05-20 · Identifying vulnerabilities in public Kubernetes Helm charts

talk

by Nigel Douglas (Cloudsmith)

Kubernetes chart integrity dependency vulnerabilities devsecops rbac supply chain security

30-minute talk on the evolving threat landscape around Helm charts in public repositories. We’ll discuss real-world incidents such as the Codecov supply chain attack and hypothetical attack vectors like 'ChartSploit', highlighting how seemingly benign configurations can be exploited. Topics include anatomy of vulnerable charts, risk areas (RBAC misconfigurations, dependency vulnerabilities), and actionable strategies to secure Kubernetes environments—auditing deployments, verifying chart integrity, enforcing strict access controls, and adopting DevSecOps practices.