Hardening the DevOps Pipeline with New Open-Source Security Tooling
Offered By: OpenSSF via YouTube
Course Description
Overview
Explore a comprehensive roadmap for hardening your DevOps pipeline against cyber attacks in this 17-minute conference talk by Steve Taylor from DeployHub, Inc. Learn about five critical phases where open-source security tools can be implemented to enhance your pipeline's security. Discover the latest advancements in code signing, repo scanning, image SBOMs, OCI registries, pipeline audits, CDEvents, and evidence catalogs. Gain valuable insights into evolving your DevOps practices to incorporate cutting-edge security solutions at minimal cost, equipping yourself with the knowledge to immediately strengthen your development and deployment processes.
Syllabus
It's Time to Harden the DevOps Pipeline with New Open-Source Security Tooling - Steve Taylor
Taught by
OpenSSF
Related Courses
Target Rich Cyber PoorBSidesLV via YouTube The A's, B's, and Four C's of Testing Cloud-Native Applications
LASCON via YouTube SBOM Challenges and How to Fix Them
BSidesLV via YouTube The Case for Software Bill of Materials
BSidesLV via YouTube Collaborating to Improve Open Source Security - How the Ecosystem Is Stepping Up
RSA Conference via YouTube