Policy-Driven Supply Chain Security with Enterprise Contract
Offered By: DevConf via YouTube
Course Description
Overview
Explore policy-driven supply chain security using Enterprise Contract (EC) in this DevConf.US 2024 conference talk. Discover how EC functions as a simple decision engine to enforce provenance, regulatory compliance, and security requirements for container images. Learn about expressing policy configurations and requirements that EC can enforce, including image signature verification, attestation matching, and CVE alert checks. Understand how EC leverages the Open Policy Agent's Rego rule system to provide an extensible interface for evaluating container attributes, enabling enterprises to standardize supply chain security expectations. Watch a live demo showcasing the process of building an image, verifying it with EC, and customizing enforced policies. Gain insights into addressing the increasing demands for security and regulatory compliance in modern software supply chains through this 36-minute presentation by Mark Bestavros.
Syllabus
Policy-Driven Supply Chain Security with Enterprise Contract - DevConf.US 2024
Taught by
DevConf
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network