YoVDO

Leveraging Sigstore Capabilities in a Local Environment

Offered By: OpenSSF via YouTube

Tags

Sigstore Courses Kubernetes Courses OAuth Courses Software Supply Chain Security Courses Certificate Authorities Courses Cosign Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore how Lockheed Martin integrates Sigstore capabilities in a local environment to enhance software supply chain security. Learn about the company's approach to creating internal Kubernetes deployments of Sigstore utilities, using internal certificate authorities and trust roots within identity providers. Discover the implementation of AWS Key Management Service for signing and the use of reusable Gitlab pipelines to streamline interactions with internal Oauth providers and simplify cosign tool usage. Gain insights into the reasons behind this approach, unique implementation details, and future plans to meet Executive Order 14028 requirements in an affordable and robust manner. Understand the importance of open-source solutions in addressing challenges related to licensing, dependencies, and vulnerabilities in software development.

Syllabus

Leveraging Sigstore Capabilities in a Local Environment - Chad Coleman, Lockheed Martin


Taught by

OpenSSF

Related Courses

Introduction to Office 365 Development and APIs
Microsoft via edX Authentication & Authorization: OAuth
Udacity API Security on Google Cloud's Apigee API Platform
Google Cloud via Coursera Developing APIs with Google Cloud's Apigee API Platform
Google Cloud via Coursera Python and Flask Bootcamp: Create Websites using Flask!
Udemy