Cloudsmith: Unlocking Software Integrity: Native Signing & Policy Enforcement for Real-World CI/CD Pipelines
Secure your CI/CD pipeline with Cloudsmith and Chainguard. This session will show you how to embed native artifact signing and enforce security policies within your workflows, enabling fast, trusted shipping without compromise.
Things you’ll learn
- How to integrate open-source tools to sign and verify artifacts in your pipeline
- Practical policy enforcement strategies to prevent unverified software from reaching production
- Best practices for managing and storing signed artifacts across your CI/CD workflow
- How to maintain compliance and traceability with audit logs and tamper-proof metadata