Hands-on Introduction to Sigstore - Securing the Software Supply Chain
Offered By: Rawkode Academy via YouTube
Course Description
Overview
Explore a hands-on introduction to Project sigstore in this comprehensive video tutorial. Learn about the fundamentals of sigstore, a Linux Foundation project aimed at improving open source software supply chain security. Discover how to sign and verify container images using cosign, including its keyless mode. Delve into transparency logs with rekor and understand how to implement signed image policies using Kyverno. Gain practical insights from Dan Lorenc, an expert in OSS Supply Chain Security at Google, as he guides you through the essential components and applications of sigstore. Perfect for developers and software providers looking to enhance their knowledge of cryptographic software signing and secure artifact management.
Syllabus
- Holding screen
- Introductions
- What is Project sigstore?
- Signing & Verifying Container Images with cosign
- cosign: keyless mode
- Transparency Logs with rekor
- Using Kyverno for Signed Image Policies
Taught by
Rawkode Academy
Related Courses
Kyverno - Deep Dive - Tech TalksMirantis via YouTube Kubernetes Native Policy Management with Kyverno
Ekoparty Security Conference via YouTube Hands-on with Policy Reporter - Kyverno Visibility Tool
Rawkode Academy via YouTube Introduction to Kyverno - Getting Started with Kubernetes Policy Management
Rawkode Academy via YouTube Securing Kubernetes Manifests with Sigstore Cosign - Options and Best Practices
Linux Foundation via YouTube