YoVDO

Platform Driven Compliance with Sigstore at Autodesk

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

CI/CD Courses Compliance Courses Vulnerability Scanning Courses Container Security Courses Sigstore Courses Cosign Courses SPIRE Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a conference talk on how Autodesk leverages Sigstore to enhance platform-driven compliance. Discover Autodesk's journey in adapting their CI/CD tooling to meet current and future compliance needs, particularly as they expand into government sales. Learn about their container provenance tracking solution built on Cosign with InToto vulnerability scanning attestations. Witness a demonstration of Autodesk's deployment governance solution, designed to block non-compliant images from progressing through CD pipelines. Gain insights into Autodesk's future plans for implementing a machine identity solution using SPIRE for keyless signing with Cosign, Fulcio, and Rekor. Understand how these innovations help Autodesk maintain trust in their software across both desktop and cloud-based solutions.

Syllabus

Platform Driven Compliance with Sigstore at Autodesk - Jesse Sanford, Autodesk


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Securing Your Software Supply Chain with Sigstore
Linux Foundation via edX Hands-on Introduction to Sigstore - Securing the Software Supply Chain
Rawkode Academy via YouTube Protecting the World's Greatest Open Source Ecosystem with Sigstore
Devoxx via YouTube PGP vs Sigstore - The Match at Maven Central
Devoxx via YouTube Securing Your Infrastructure as Code Pipeline
Linux Foundation via YouTube