Enforcing Supply Chain Security and Simplifying Compliance Audit for ArgoCD Deployments
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore techniques for enforcing supply chain security and simplifying compliance audits for ArgoCD deployments in this 20-minute conference talk by Gopinath Rebala and Bob Boule from OpsMx. Learn how to address the challenges of increasing supply chain attacks and compliance requirements by implementing end-to-end auditing and secure supply chain workflows. Discover the use of open-source tools such as Guac, Sigstore, in-toto, Elastic, and Grafana to create a comprehensive attestation system for the entire delivery process. Gain insights into the concept of Delivery Bill of Materials (DBOM) based on SBOM, and understand best practices and potential pitfalls in implementing such a system. This talk, presented at a CNCF event, offers valuable knowledge for organizations looking to enhance their GitOps-based deployment security and streamline compliance auditing processes.
Syllabus
Enforcing Supply Chain Security and Simplifying Compliance Audit... Gopinath Rebala & Bob Boule
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
In-Toto: Attestations and Software Supply Chain SecurityCNCF [Cloud Native Computing Foundation] via YouTube Spicing up Container Image Security with SLSA and GUAC
CNCF [Cloud Native Computing Foundation] via YouTube Cloud Native Security Landscape - Myths, Dragons, and Real Talk
CNCF [Cloud Native Computing Foundation] via YouTube Software Supply Chain Security for Those in a Rush
Devoxx via YouTube Eliminating the Unknowns: Using GUAC to Better Understand Your Software Supply Chain
Linux Foundation via YouTube