YoVDO

Better Build Pipelines with OpenSSF Projects - Enhancing Trust and Security

Offered By: OpenSSF via YouTube

Tags

Container Security Courses Kubernetes Courses Cloud Native Buildpacks Courses Cosign Courses SLSA Courses OpenSSF Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a lightning talk demonstrating the integration of OpenSSF projects within a build pipeline to create trusted container artifacts. Learn how to utilize cosign, SBOMs, and SLSA to enhance security and trust in your deployment process. Discover the implementation of kpack for building container images on a Kubernetes cluster, and see how to integrate cosign for generating signed images. Understand the role of Cloud Native Buildpacks in generating SBOMs during the build activity. Examine the benefits of isolating build infrastructure on a Kubernetes cluster to achieve a hermetic and parameterless build process, and learn how to score it against appropriate SLSA levels.

Syllabus

In Honk We Trust: Better Build Pipelines - Ram Iyengar, Cloud Foundry Foundation


Taught by

OpenSSF

Related Courses

Securing Your Software Supply Chain with Sigstore
Linux Foundation via edX Hands-on Introduction to Sigstore - Securing the Software Supply Chain
Rawkode Academy via YouTube Attesting Practically: Exploring the Glue Behind Secure Runtime Environments
Linux Foundation via YouTube Software Supply Chain Integrity with Sigstore
Linux Foundation via YouTube Making Sense of Security Supply Chain - An Overview for Beginners
CNCF [Cloud Native Computing Foundation] via YouTube