Ask an OpenShift Expert: Red Hat Trusted Artifact Signer - Conforma

We were the guests of Episode 169 of the Red Hat YouTube podcast “Ask an OpenShift Expert”, where we dove into Conforma and how it bridges the gap between artifact generation and production deployment in a secure software supply chain.

From Build to Deploy

This episode is a follow-up to Episode 166, where Conforma Product Manager Veda Shankar introduced Red Hat Trusted Artifact Signer (RHTAS) and the build phase of the secure supply chain. This time around, the focus shifted to the deploy phase: once your images have signatures and attestations, how do you validate them before they reach production?

The episode features hands-on demos of Conforma’s policy-as-code approach, SBOM validation, and using AI to generate policy environments from natural language – making it easier than ever to get started with supply chain policy enforcement.

Watch the Episode

The full recording is now available on our Resources page.

Watch “Ask an OpenShift Expert | Ep 169 | Red Hat Trusted Artifact Signer - Conforma”

While you’re there, explore our collection of other conference presentations, demos, and educational content about securing software supply chains with Conforma.