In-toto - Securing the Entire Software Supply Chain
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the critical importance of software supply chain security in this 19-minute conference talk by Santiago Torres from NYU. Dive into the basics of securing the software development, distribution, and deployment pipeline as attackers increasingly target these processes. Learn about in-toto, a CNCF member project that provides tooling and protocols to verifiably define and secure all steps of the supply chain. Discover how in-toto allows you to specify authorized personnel and ensure that every action aligns with your intentions, offering enhanced security guarantees to you and your customers. Gain insights into how this versatile tool can be applied to strengthen security measures both within and beyond the cloud native ecosystem.
Syllabus
in-toto: Securing the Entire Software Supply Chain - Santiago Torres, NYU
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Securing Your Infrastructure as Code PipelineLinux Foundation via YouTube Toto-Ally TUF: Simple Tools for a Secure Software Supply Chain
Linux Foundation via YouTube Software Supply Chain Security Case Study at Anaconda
Linux Foundation via YouTube Container Security: Supply Chain, Authorization, and Runtime Protection
Docker via YouTube In-Toto: Attestations and Software Supply Chain Security
CNCF [Cloud Native Computing Foundation] via YouTube