Enforcing Supply Chain Security and Simplifying Compliance Audit for ArgoCD Deployments
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore techniques for enforcing supply chain security and simplifying compliance audits for ArgoCD deployments in this 20-minute conference talk by Gopinath Rebala and Bob Boule from OpsMx. Learn how to address the challenges of increasing supply chain attacks and compliance requirements by implementing end-to-end auditing and secure supply chain workflows. Discover the use of open-source tools such as Guac, Sigstore, in-toto, Elastic, and Grafana to create a comprehensive attestation system for the entire delivery process. Gain insights into the concept of Delivery Bill of Materials (DBOM) based on SBOM, and understand best practices and potential pitfalls in implementing such a system. This talk, presented at a CNCF event, offers valuable knowledge for organizations looking to enhance their GitOps-based deployment security and streamline compliance auditing processes.
Syllabus
Enforcing Supply Chain Security and Simplifying Compliance Audit... Gopinath Rebala & Bob Boule
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
A Step Closer to Secure Development: Using in-Toto and OPA Gatekeeper to Verify Artifact IntegrityLinux Foundation via YouTube Achieving End-to-End Software Supply Chain Security with in-toto
CNCF [Cloud Native Computing Foundation] via YouTube Cloud Native Supply Chain Security with Tekton and Sigstore
CNCF [Cloud Native Computing Foundation] via YouTube Demystify Modern Signing: Keys, Certificates, and Envelopes
CNCF [Cloud Native Computing Foundation] via YouTube Enforceable Software Supply Chain Policies and Attestations Using in-Toto
CNCF [Cloud Native Computing Foundation] via YouTube