YoVDO

Protect the Pipe - A Policy-based Approach for Securing CI/CD Pipelines

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Cloud-Native Security Courses Tekton Courses Sigstore Courses Kyverno Courses in-toto Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a cloud-native security framework for Tekton pipelines using in-toto, Kyverno, and sigstore in this conference talk. Learn about the unique security challenges faced by CI/CD pipelines and discover how to implement policy-based controls for pipeline composition, configurations, and execution. Gain insights into protecting critical assets in modern applications that are composed of numerous packages and delivered through automated CI/CD pipelines. Watch as the speakers demonstrate the use of open-source tools to attest and verify each pipeline resource and execution step using declarative policies, addressing the growing risks of attacks, vulnerabilities, and misconfigurations in rapid delivery environments.

Syllabus

Protect the Pipe! A Policy-based Approach for Securing CI/CD Pipe... Shripad Nadgowda & Jim Bugwadia


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Securing Your Infrastructure as Code Pipeline
Linux Foundation via YouTube Toto-Ally TUF: Simple Tools for a Secure Software Supply Chain
Linux Foundation via YouTube Software Supply Chain Security Case Study at Anaconda
Linux Foundation via YouTube Container Security: Supply Chain, Authorization, and Runtime Protection
Docker via YouTube In-Toto: Attestations and Software Supply Chain Security
CNCF [Cloud Native Computing Foundation] via YouTube