YoVDO

Better Build Pipelines with OpenSSF Projects - Enhancing Trust and Security

Offered By: OpenSSF via YouTube

Tags

Container Security Courses Kubernetes Courses Cloud Native Buildpacks Courses Cosign Courses SLSA Courses OpenSSF Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a lightning talk demonstrating the integration of OpenSSF projects within a build pipeline to create trusted container artifacts. Learn how to utilize cosign, SBOMs, and SLSA to enhance security and trust in your deployment process. Discover the implementation of kpack for building container images on a Kubernetes cluster, and see how to integrate cosign for generating signed images. Understand the role of Cloud Native Buildpacks in generating SBOMs during the build activity. Examine the benefits of isolating build infrastructure on a Kubernetes cluster to achieve a hermetic and parameterless build process, and learn how to score it against appropriate SLSA levels.

Syllabus

In Honk We Trust: Better Build Pipelines - Ram Iyengar, Cloud Foundry Foundation


Taught by

OpenSSF

Related Courses

Security Is an Ecosystem - We Can't Be Secure in Isolation
Linux Foundation via YouTube Improving the Security of a Large Open Source Project One Step at a Time
Linux Foundation via YouTube Simplifying Coordinating Vulnerabilities and Disclosures in Open Source Projects
Linux Foundation via YouTube SLSA in Action: Securing the Software Supply Chain
Linux Foundation via YouTube Implementing OpenSSF Best Practices Badges and Scorecards for Project Security
Linux Foundation via YouTube