Loading…
June 23 - 25, 2025
Denver, Colorado
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Mountain Daylight Time (UTC/GMT -6). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
← Back to schedule
Securing OIDC Federation in CI/CD Workflows - Billy Lynch, Chainguard
Monday June 23, 2025 3:55pm - 4:15pm MDT
Bluebird Ballroom 3B
OIDC and workload identity are fantastic ways to improve the security of CI/CD workflows. They offer a mechanism to get rid of traditional long lived keys and access tokens, with many APIs offering ways to use these tokens across environments.

However, the security of identity federation is only as strong as the policies that back them. If used incorrectly, it can be exploited to gain access to sensitive resources and potentially compromise your supply chain to use your own CI/CD platform against you.

In this talk we'll do a deep dive on OIDC and identity federation. We'll look at some of the common risks that come while using it, and strategies to help secure your environment and define strong security policies.
Speakers
avatar for Billy Lynch

Billy Lynch

Staff Software Engineer, Chainguard
Billy is a staff software engineer at Chainguard, working on developer tools and securing software supply chains for everyone! He is a contributor and maintainer to the Sigstore, Tekton, and gittuf projects, and is the creator of gitsign. Prior to working at Chainguard, Billy worked... Read More →
Monday June 23, 2025 3:55pm - 4:15pm MDT
Bluebird Ballroom 3B
  cdCon

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Share Modal

Share this link via

Or copy link