Back To Schedule
Wednesday, December 6 • 7:30pm - 9:00pm
BoF: Grafeas: Using Artifact Metadata to Audit, Govern, and Secure Your Software Supply Chain - hosted by Stephen Elliott & Wendy Dembowski, Google & Graeme Hay, Morgan Stanley

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Building software at scale requires strong governance of the software supply chain, and strong governance requires good data. This BoF will be a discussion around the recently launched Grafeas ("scribe") open source project (see grafeas.io), whose goal is to provide organizations with a central source of truth for tracking artifacts and enforcing policies across an ever growing set of software development teams and pipelines. Part of the Grafeas project is Kritis ("judge"), a Kubernetes policy engine that lets organizations do real-time enforcement of container properties at deploy time for Kubernetes clusters. To kick off the discussion, Google and other Grafeas collaborators will give an overview of the Grafeas project.

avatar for Wendy Dembowski

Wendy Dembowski

Software Engineer, Google
Wendy is a Senior Staff Software Engineer at Google where she focuses on Cloud CI/CD. She has spoken previously at Kubecon, Dockercon, and Qcon. Wendy is obsessed with dogs, and includes them in her presentations as much as possible.
avatar for Stephen Elliott

Stephen Elliott

Product Manager, Google
avatar for Graeme Hay

Graeme Hay

Managing Director, Global Head of Enterprise and Cloud Engineering, Morgan Stanley

Wednesday December 6, 2017 7:30pm - 9:00pm CST
Meeting Room 10C, Level 3