YoVDO

Protecting the World's Greatest Open Source Ecosystem with Sigstore

Offered By: Devoxx via YouTube

Tags

Devoxx Courses Software Supply Chain Security Courses Sigstore Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the critical importance of software supply chain security in this 50-minute conference talk by Sigstore-java maintainers Patrick Flynn and Appu Goundan. Discover how Sigstore, an OpenSSF project, addresses the dependency trust problem by simplifying cryptographic signing of artifacts. Learn about the risks associated with using unverified third-party packages and how Sigstore integrates with Maven Central to protect both producers and consumers of artifacts. Gain insights into implementing Sigstore to sign and verify artifacts, safeguarding your software and users from malicious supply chain attacks. Benefit from the speakers' extensive experience in Java developer tooling and software supply chain security as they demonstrate practical applications of Sigstore in the open-source ecosystem.

Syllabus

Protecting the world’s greatest open source ecosystem with Sigstore by Patrick Flynn , Appu Goundan


Taught by

Devoxx

Related Courses

GitHub Supply Chain Security Using GitGat
Linux Foundation via edX
Introduction to Security Principles in Cloud Computing
Google via Google Cloud Skills Boost
DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
Pluralsight
Hardening Your Soft Software Supply Chain
Pluralsight
Secure Software Supply Chain: Using Cloud Build & Cloud Deploy to Deploy Containerized Applications
Google via Google Cloud Skills Boost