YoVDO

A Step Closer to Secure Development: Using in-Toto and OPA Gatekeeper to Verify Artifact Integrity

Offered By: Linux Foundation via YouTube

Tags

Software Supply Chain Security Courses Kubernetes Courses DevSecOps Courses Continuous Deployment Courses Continuous Integration Courses Container Security Courses Open Policy Agent Courses in-toto Courses OPA Gatekeeper Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore secure software development practices in this 45-minute conference talk from the Linux Foundation. Learn how to verify artifact integrity throughout the software supply chain using in-toto and OPA Gatekeeper. Discover the benefits of automating development processes from 'git commit' to 'kubectl apply' while addressing security concerns. Examine the risks associated with various automation implementations and understand the importance of maintaining consistency and security. Gain insights into in-toto's pioneering frameworks and tools, including subprojects Witness and Archivista, designed to secure software development, building, testing, and packaging. Follow an end-to-end demonstration of securely developing container images for Kubernetes using these tools in conjunction with Open Policy Agent's admission controller, Gatekeeper.

Syllabus

A Step Closer to in-Toto’lly Secure: Using in-Toto and OPA Gatekeeper...- Tom Meadows & John Kjell


Taught by

Linux Foundation

Tags

Related Courses

Hardening Your Soft Software Supply Chain
Pluralsight
DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
Pluralsight
Securing Your Software Supply Chain with Sigstore
Linux Foundation via edX
GitHub Supply Chain Security Using GitGat
Linux Foundation via edX
Kyverno - Deep Dive - Tech Talks
Mirantis via YouTube