This site was created as a place to publish information about Zero Trust and Software Supply Chain Defense.

About Frederick

Frederick Kautz is a distinguished leader in open-source and cloud-native communities, with over 10 years of Kubernetes and Docker experience and extensive expertise in software supply chain security, Zero Trust, and networking. He co-authored the influential NIST Special Publication 800-204D, Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines, which has significantly influenced the Department of Defense’s Enterprise DevSecOps Fundamentals version 2.5 by defining the software supply chain.

Frederick created in-toto Archivista, an open source graph and storage service for in-toto attestations. This tool enables the discovery and retrieval of attestations for software artifacts, enhancing the security and integrity of software supply chains. By providing a trusted store for supply chain metadata, in-toto Archivista allows organizations to store and query attestations, facilitating policy validation and flexible querying through an efficient and horizontally scalable GraphQL API.

At Elevance Health, Frederick served as the lead architect for the Sydney Health app, a comprehensive mobile platform that provides users with personalized health information, digital ID cards, and access to care services. Collaborating closely with the Chief Information Security Officer (CISO) and the security team, Frederick was instrumental in defining the company’s Zero Trust strategy and the onboarding of Google Cloud Platform (GCP), transforming Elevance Health’s cloud infrastructure for secure, scalable growth.

Frederick also architected WorkOS, Elevance Health’s enterprise platform designed to streamline operations and enhance collaboration across the organization. By integrating advanced security measures and scalable cloud solutions, he ensured that WorkOS met the complex needs of a large healthcare enterprise.

His leadership extends to his tenure as Co-Chair of KubeCon + CloudNativeCon (now Emeritus), where he helped expand the global cloud-native community and set new standards for security and inclusivity. As a current member of the SPIFFE Steering Committee, Frederick continues to drive standards in workload identity and Zero Trust.

As an innovator, Frederick co-founded OmniBOR and ProtoBOM, advancing transparency in binary provenance and software bill of materials (SBOM) practices. In 2019, he developed one of the first federated learning platforms for healthcare, enabling collaborative research while preserving patient privacy. Additionally, he is a co-founder of Network Service Mesh. He has contributed to modernizing network infrastructure for secure, cloud-native networking solutions. He also defined the “CNF: Cloud Native Network Function,” which transformed network service provider architectures by enabling them to run on cloud architectures like Kubernetes.

Notable Contributions:

  • Co-Author of NIST SP 800-204D – Provided foundational guidance for secure software supply chains.
  • Lead Architect for Sydney Health App at Elevance Health – High-volume, customer-facing app working with PHI.
  • Architect of WorkOS at Elevance Health – Designed an enterprise platform to streamline operations and enhance collaboration.
  • Emeritus Co-Chair of KubeCon + CloudNativeCon – Led KubeCon out of its COVID phase.
  • OmniBOR and ProtoBOM Co-Creator and Maintainer – Innovations in SBOM and binary transparency.
  • Network Service Mesh Co-Founder – Advancing secure, cloud-native networking.
  • SPIFFE Steering Committee Member – Driving standards in workload identity.
  • Red Hat Container Storage Engine Founder – Storage for Containers.

Additional Contributions:

  • Co-Author of the CNCF Cloud Native Security White Paper
  • Contributor to CNF Best Practices, CNCF TUG, and CNF WG
  • Co-Author of “Solving the Bottom Turtle” and X-Factor CNF Methodology
  • Former LFPH Technical Advisory Committee Member

Program Advisory and Committee Roles:

  • Track Co-Chair, KubeCon NA 2020 Networking Track
  • Program Committee Member, KubeCon EU and NA 2020 Networking Track
  • Program Committee Member, Open Networking Summit 2019 (NA & EU)
  • Program Advisory Group Member, Edge Computing World 2019