CTF: Security Scanning and Policy Enforcement

​Supply chain attacks are coming for your pipeline. Can you stop them? In this Capture the Flag challenge, you’ll battle real-world threats using Trivy and OPA. Scan images and packages for hidden vulnerabilities, generate SBOMs to trace risky dependencies, and write Rego policies to lock down your supply chain. Each level raises the stakes, from prioritizing exploits with EPSS to quarantining artifacts before they spread. Complete every challenge before the event ends, and you’ll claim not just bragging rights, but a shot at prizes too.

​Why Attend

​This is not theory, it is a hands-on showdown where your skills get put to the test. You’ll leave with:

• ​Battle-tested practice in scanning containers and packages with Trivy

• ​The power to turn scan results into action using OPA Rego policies

• ​Know-how to use EPSS and VEX to separate real threats from background noise

• ​The confidence to enforce security policies without slowing delivery

​Gear up, step in, and prove you can defend the pipeline.

​This is a B.Y.O.L. (Bring Your Own Laptop) event.

​Agenda

• ​1:30 – 2:00 PM: Check-In & Networking

• ​2:00 – 2:30 PM: Opening Presentation

• ​2:30 – 4:00 PM: Challenge Intro & Gameplay Phase 1

• ​4:00 – 4:15 PM: Break

• ​4:15 – 5:30 PM: Gameplay Phase 2

• ​5:30 – 6:00 PM: Final Leaderboard & Prizes

​Looking for more fun at KubeCon NA?

​Secure your spot today and join us for an unforgettable night of smoky BBQ, local brews, and live blues to close out KubeCon at AprèsKube ATL: Blues, Brews, and BBQ!

​By registering for this event, you agree that your registration information will be shared with the event sponsor for the purpose of event follow-up and marketing communications. Sponsors may contact you occasionally about their respective products and services, and you may unsubscribe from such communications at any time.