YoVDO

Putting the Supply Chain Pieces Together: A Deep Dive into the Secure Software Factory

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Software Supply Chain Security Courses Tekton Courses Sigstore Courses Kyverno Courses SPIRE Courses SLSA Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Dive deep into the implementation of the CNCF's Secure Software Factory reference architecture in this conference talk. Explore the holistic nature of supply chain security and discover how the reference architecture addresses the software provenance gap faced by many projects and organizations. Learn how cloud native tools, when properly configured and implemented, can enhance artifact trustworthiness and provide reliable provenance. Examine a system built on tools like Kyverno, Tekton, Chains, Spire, and Sigstore, and understand how they interconnect to create software meeting high SLSA levels. Gain insights into the Secure Software Factory's functionality, build environment, defaults, configuration, and practical application through an example build.

Syllabus

Introduction
What is the Secure Software Factory
What does the Secure Software Factory do
Build Environment
Example Build
What is SFF
SFF Defaults
SFF Configuration
SFF in Action


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Kyverno - Deep Dive - Tech Talks
Mirantis via YouTube Kubernetes Native Policy Management with Kyverno
Ekoparty Security Conference via YouTube Hands-on Introduction to Sigstore - Securing the Software Supply Chain
Rawkode Academy via YouTube Hands-on with Policy Reporter - Kyverno Visibility Tool
Rawkode Academy via YouTube Introduction to Kyverno - Getting Started with Kubernetes Policy Management
Rawkode Academy via YouTube