YoVDO

Better Build Pipelines with OpenSSF Projects - Enhancing Trust and Security

Offered By: OpenSSF via YouTube

Tags

Container Security Courses Kubernetes Courses Cloud Native Buildpacks Courses Cosign Courses SLSA Courses OpenSSF Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a lightning talk demonstrating the integration of OpenSSF projects within a build pipeline to create trusted container artifacts. Learn how to utilize cosign, SBOMs, and SLSA to enhance security and trust in your deployment process. Discover the implementation of kpack for building container images on a Kubernetes cluster, and see how to integrate cosign for generating signed images. Understand the role of Cloud Native Buildpacks in generating SBOMs during the build activity. Examine the benefits of isolating build infrastructure on a Kubernetes cluster to achieve a hermetic and parameterless build process, and learn how to score it against appropriate SLSA levels.

Syllabus

In Honk We Trust: Better Build Pipelines - Ram Iyengar, Cloud Foundry Foundation


Taught by

OpenSSF

Related Courses

Ketchup, Mustard, and Relish of Software Supply Chain Security - Panel Discussion
Linux Foundation via YouTube SLSA in Action: Securing the Software Supply Chain
Linux Foundation via YouTube Securing Your Supply Chain by Building with FRSCA
Linux Foundation via YouTube Open Tools for Secure Supply Chains in Kubernetes - From Release Engineering
Linux Foundation via YouTube Google SLSA and NIST SSDF - Emerging Software Supply Chain Security Best Practices
Linux Foundation via YouTube