Enforcing Organization Policies with Enterprise Contract
Offered By: OpenSSF via YouTube
Course Description
Overview
Discover how to enforce organizational policies for container images using the open-source Enterprise Contract ecosystem in this 21-minute conference talk by Zoran Regvart from Red Hat. Learn about leveraging Sigstore signatures, in-toto attestations, and other tamper-proof sources to maintain security in the rapidly evolving tech landscape. Focus on the Tekton ecosystem while exploring how Enterprise Contract, a CI agnostic tool, can be used to validate specific tasks like code scanners during the container image build process. Gain insights into going beyond simple signature checks for comprehensive container image validation. Although familiarity with the Sigstore community project is beneficial, beginners are also welcome to attend this informative session presented by OpenSSF.
Syllabus
Enforcing Organization Policies with Enterprise Contract - Zoran Regvart, Red Hat
Taught by
OpenSSF
Related Courses
Securing Your Software Supply Chain with SigstoreLinux Foundation via edX Hands-on Introduction to Sigstore - Securing the Software Supply Chain
Rawkode Academy via YouTube Protecting the World's Greatest Open Source Ecosystem with Sigstore
Devoxx via YouTube PGP vs Sigstore - The Match at Maven Central
Devoxx via YouTube Securing Your Infrastructure as Code Pipeline
Linux Foundation via YouTube