talk-data.com talk-data.com

Topic

supply chain security

1

tagged

Activity Trend

1 peak/qtr
2020-Q1 2026-Q1

Top Events

Identifying vulnerabilities in public Kubernetes Helm charts 1

Top Speakers

Nigel Douglas 1

Activities

1 activities · Newest first

All Video Podcast Book

Securing Helm charts in public repositories

2025-05-20 · Identifying vulnerabilities in public Kubernetes Helm charts
talk
by Nigel Douglas (Cloudsmith)
Kubernetes chart integrity dependency vulnerabilities devsecops helm rbac

30-minute talk on the evolving threat landscape around Helm charts in public repositories. We’ll discuss real-world incidents such as the Codecov supply chain attack and hypothetical attack vectors like 'ChartSploit', highlighting how seemingly benign configurations can be exploited. Topics include anatomy of vulnerable charts, risk areas (RBAC misconfigurations, dependency vulnerabilities), and actionable strategies to secure Kubernetes environments—auditing deployments, verifying chart integrity, enforcing strict access controls, and adopting DevSecOps practices.