I will set up a DevSecOps CI/CD pipeline with SBOM, image signing and CVE scanning
Cloud Native Security and DevSecOps Engineer, Kubernetes CI/CD, AI Safety
About this Gig
Need a DevSecOps CI/CD pipeline that catches supply-chain attacks BEFORE they reach production? I'll build it for you.
I will deliver a production-grade GitHub Actions pipeline that:
Signs every container image with Sigstore Cosign (keyless, so no long-lived keys to leak)
Generates dual SPDX + CycloneDX SBOMs (Syft)
Blocks vulnerable images via Grype / Trivy CVE gates
Enforces signature verification at Kubernetes admission (Kyverno)
Produces SLSA Level 3 build provenance
Working demo: a signed image is admitted, a tampered image is rejected
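As an added illustration of the steps listed above (example workflow written for this page, not the gig's delivered code), here is a GitHub Actions job that builds the image, fails on HIGH/CRITICAL CVEs before anything is signed, generates a Syft SBOM, and signs and attests the image by digest with keyless Cosign; the registry path ghcr.io/example-org/example-app is a placeholder.

```yaml
# Added example: build, CVE-gate, SBOM, keyless sign and attest.
# Assumes a Dockerfile at the repo root; the image name below is a placeholder.
name: build-sign-scan
on:
  push:
    branches: [main]
permissions:
  contents: read
  packages: write      # push to GHCR
  id-token: write      # OIDC token that Cosign trades for a short-lived Fulcio cert
jobs:
  build:
    runs-on: ubuntu-latest
    env:
      IMAGE: ghcr.io/example-org/example-app   # placeholder
    steps:
      - uses: actions/checkout@v4
      - uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - id: build
        uses: docker/build-push-action@v5
        with:
          push: true
          tags: ${{ env.IMAGE }}:${{ github.sha }}
      # CVE gate (Grype): the job fails here, before signing, on HIGH or CRITICAL findings
      - uses: anchore/scan-action@v3
        with:
          image: ${{ env.IMAGE }}@${{ steps.build.outputs.digest }}
          fail-build: true
          severity-cutoff: high
      # SBOM (Syft) in SPDX JSON; a second step with format: cyclonedx-json gives the dual output
      - uses: anchore/sbom-action@v0
        with:
          image: ${{ env.IMAGE }}@${{ steps.build.outputs.digest }}
          format: spdx-json
          output-file: sbom.spdx.json
      - uses: sigstore/cosign-installer@v3
      # Sign and attest by immutable digest, never by a mutable tag; --yes skips the prompt
      - run: |
          cosign sign --yes "${IMAGE}@${DIGEST}"
          cosign attest --yes --type spdxjson --predicate sbom.spdx.json "${IMAGE}@${DIGEST}"
        env:
          DIGEST: ${{ steps.build.outputs.digest }}
```

The signature and attestation land in the Rekor transparency log, which is what a Kyverno verifyImages policy checks at admission.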
WHY ME:
Built a full SLSA Level 3 supply-chain platform (public on GitHub)
Research background in cloud-native security and detection engineering
BS thesis on adaptive IDS; manuscript under IEEE review
Hands-on with Kubernetes, eBPF, Cosign, Kyverno, OWASP standards
TECH STACK:
GitHub Actions, GitLab CI, Jenkins, Docker, Kubernetes (EKS / k3s / kind), Helm, Cosign, Fulcio, Rekor, Syft, Grype, Trivy, Kyverno, SLSA v1.0
YOU GET:
Complete CI/CD workflow files (committed to your repo)
Signed + scanned container images on every push
SBOM artifacts (SPDX + CycloneDX)
Kyverno admission policies (optional)
Full setup docs + free revision
Tools: Docker • GitLab • Jenkins • GitHub • CloudFormation
Frameworks: npm • Terraform • Ansible • Puppet • Crossplane
Programming languages: Java • JavaScript • Perl • Python
Expertise: Installation • Development • Configuration
FAQ
What CI/CD platforms do you support?
I work with GitHub Actions, GitLab CI/CD, Jenkins, AWS CodePipeline, and Azure DevOps. GitHub Actions is most popular and recommended for most projects.
What programming languages do you support?
My pipelines support all major languages including Python, JavaScript/Node.js, Java, Go, PHP, Ruby, and .NET. The security scanning works with any language.
Do I need to give you access to my repository?
Yes, I will need collaborator access to set up the pipeline. I respect your code privacy and sign NDAs if required.
Can you integrate with my existing AWS infrastructure?
Absolutely! I specialize in AWS and can integrate with EC2, ECS, EKS, Lambda, S3, and other services you're already using.
What if I need changes after delivery?
Each package includes revisions. I also offer 30-day support with the Premium package. For ongoing needs, we can discuss a maintenance arrangement.
How secure is the pipeline itself?
I follow security best practices including encrypted secrets, least-privilege IAM roles, and no hardcoded credentials. Your pipeline will be as secure as what it protects.