Filling the Gaps in Kubernetes Flavored SLSA with Threat Modeling
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore a comprehensive analysis of supply chain security in Kubernetes-based CI/CD platforms through this informative conference talk. Dive into the application of SLSA (Supply chain Levels for Software Artifacts) standards to Kubernetes environments, using Tekton as a case study. Learn how to conduct threat modeling to identify and mitigate potential vulnerabilities, including those exploitable by external actors, internal actors, and privileged admins. Gain insights into mapping trust boundaries to SLSA standards and witness practical demonstrations of compliance using open-source projects like Sigstore and SPIRE. Enhance your understanding of supply chain security and acquire valuable strategies for safeguarding artifact building processes on Kubernetes.
Syllabus
Filling the Gaps in Kubernetes Flavored SLSA with Threat Modeling - Christie Wilson & Priya Wadhwa
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Introduction to JenkinsLinux Foundation via edX Introduction to Cloud Native, DevOps, Agile, and NoSQL
IBM via edX Learn Azure DevOps CI/CD pipelines
Udemy IBM Full Stack Software Developer
IBM via Coursera DevOps: CI/CD with Jenkins pipelines, Maven, Gradle
Udemy