Policy-Driven Supply Chain Security with Enterprise Contract
Offered By: DevConf via YouTube
Course Description
Overview
Explore policy-driven supply chain security using Enterprise Contract (EC) in this DevConf.US 2024 conference talk. Discover how EC functions as a simple decision engine to enforce provenance, regulatory compliance, and security requirements for container images. Learn about expressing policy configurations and requirements that EC can enforce, including image signature verification, attestation matching, and CVE alert checks. Understand how EC leverages the Open Policy Agent's Rego rule system to provide an extensible interface for evaluating container attributes, enabling enterprises to standardize supply chain security expectations. Watch a live demo showcasing the process of building an image, verifying it with EC, and customizing enforced policies. Gain insights into addressing the increasing demands for security and regulatory compliance in modern software supply chains through this 36-minute presentation by Mark Bestavros.
Syllabus
Policy-Driven Supply Chain Security with Enterprise Contract - DevConf.US 2024
Taught by
DevConf
Related Courses
Introduction to Open Policy Agent - Rego Language and Kubernetes Policies
Rawkode Academy via YouTube
Application Code of Conduct - Full-Stack Policy as Code
Linux Foundation via YouTube
Deploying Policy-as-Code with Readable Rego Policies and Open Policy Agent
CNCF [Cloud Native Computing Foundation] via YouTube
Running Policy in Hard-to-Reach Places with WASM and OPA
CNCF [Cloud Native Computing Foundation] via YouTube
Self Healing GitOps - Continuous, Secure GitOps Using Argo CD, Helm and OPA
CNCF [Cloud Native Computing Foundation] via YouTube