Project Trebuchet - How SolarWinds is Using Open Source to Secure Their Supply Chain in the Wake of the Sunburst Hack
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the aftermath of the SolarWinds Sunburst hack in this 37-minute keynote presentation from KubeCon + CloudNativeCon Europe 2022. Discover how SolarWinds is leveraging open-source technologies to fortify their supply chain security through Project Trebuchet. Gain insights into the anatomy of supply chain attacks, the challenges faced in implementing robust security measures, and the innovative solutions being developed. Learn about the Golden Rule approach, the Trebuchet development experience, and key components such as provenance, InToto, consensus validation clusters, and vulnerability analysis. Understand the complexities of rebuilding trust and security in the wake of a sophisticated nation-state attack, and explore the potential of CNCF and CDF projects in creating resilient build systems for the future.
Syllabus
Intro
What is a Supply Chain Attack
Project Trebuchet
The Golden Rule
Why it wont work
Trebuchet Dev Experience
Trebuchet GitHub
Provenance
InToto
Consensus
Validation Cluster
Vulnerability Analysis
Conclusion
Questions
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube