Supply Chain Security: Building a Knowledge Graph for Artifact Relationships
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the complexities of software supply chain security in this 34-minute conference talk from KubeCon + CloudNativeCon Europe. Delve into the challenges of identifying vulnerabilities and understanding the impact of potential compromises in the software supply chain. Learn about a novel supply chain knowledge graph tool that combines information from SBOMs, in-toto/SLSA attestations, and other sources to provide a comprehensive view of artifact relationships and dependencies. Discover how this approach can help answer critical questions about the extent of potential security breaches and reveal often-overlooked dependencies in build systems. Gain insights into improving your organization's ability to assess and mitigate risks in the increasingly sophisticated landscape of supply chain attacks.
Syllabus
It's Dangerous To SLSA Alone Out There! Take This Artifact... - Mihai Maruseac & Michael Lieberman
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Building on Microsoft Sentinel PlatformMicrosoft via YouTube Securing Applications and Infrastructure on Kubernetes with Sysdig
Mirantis via YouTube Container Escape in 2021
Hack In The Box Security Conference via YouTube Running at Light Speed - Cloud Native Security Patterns
LASCON via YouTube Controlled Mayhem With Cloud Native Security Pipelines
OWASP Foundation via YouTube