SSE Blog
Published in

SSE Blog

Container Image Signatures in Kubernetes

Container image signatures are a rarely implemented security feature, even though images’ contents are ever changing and hard to get a grasp of, making it easy for attackers to hide malicious content in them. A main reason for that is that the most popular container orchestrator Kubernetes has no native support for image signatures or their verification. Connaisseur is a Kubernetes admission controller that tries to change that, by allowing only signed images into a cluster and ensure only trusted and unmodified content is deployed, thus amp up your security.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Philipp Belitz

Philipp Belitz

IT Security Engineer at Secure Systems Engineering GmbH. Focused mostly on Kubernetes and Docker Security. Love cycling and playing MtG.