YoVDO

Verifying Software Signatures with TUF and Sigstore

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Software Security Courses Container Registry Courses Sigstore Courses in-toto Courses The Update Framework Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the critical aspects of software security and signature verification in this informative conference talk. Delve into the common misconceptions surrounding software signing and learn why verification is crucial for ensuring true security. Discover how to properly verify software signatures and identify the right signers. Gain insights into utilizing CNCF projects like The Update Framework (TUF), in-toto, and Sigstore to enhance security for open source package repositories and internal container registries. Understand the capabilities and limitations of software signing, and learn to design effective verification policies for your projects or organizations. Explore how open source software repositories are implementing these techniques to guarantee the authenticity of downloaded code.

Syllabus

Not All That’s Signed Is Secure: Verify the Right Way with TUF and... Zachary Newman & Marina Moore


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld Systems
Vanderbilt University via Coursera Engineering Maintainable Android Apps
Vanderbilt University via Coursera Software Design as an Element of the Software Development Lifecycle
University of Colorado System via Coursera Secure Software Development
Pluralsight Secure Software Concepts for CSSLP®
Pluralsight