Presentations
From Mild To Wild: How Hot Can Your SLSA Be?
You have attestations—now what? Three levels of policy enforcement: mild (simple verification), medium (combining multiple attestations and producing a VSA), wild (leveraging attestation specifics for trusted-task L3). Demonstrated with AMPEL and Conforma on the same use cases.
1-2-Step: How do you SLSA?
Demonstrate an end-to-end Tekton-based software factory implementing SLSA 1.2's Source and Build tracks with automated policy enforcement to ensure high-assurance security without slowing developers.
Who Are You Building For: Pipelines Have a Purpose
The trust model in Konflux empowers developers to customize build pipelines for their specific needs while contributing improvements back to the community through verified, reusable Tekton tasks.
Not Just Ticking a Box ☑️: Establishing Trust in Artifacts with Provenance 🔐🔗
Moving beyond checkbox compliance to establish genuine trust in software artifacts through SLSA provenance, in-toto attestations, and verifiable supply chain security with Konflux.
Who Are You Building For: Pipelines Have a Purpose
Konflux enables developers to quickly onboard to secure build pipelines with zero-to-working setup in minutes, complete developer journey from onboarding through hermetic builds and policy-driven development.