YoVDO

Secure Your Project with the SIG Release Supply Chain Kit

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Supply Chain Security Courses Kubernetes Courses CI/CD Courses GitHub Actions Courses Release Engineering Courses Software Bill of Materials Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Discover how to enhance your project's supply chain security using the SIG Release Supply Chain Kit in this informative conference talk. Learn about the tools developed by the Kubernetes SIG Release team over the past two years, now available for any project to utilize. Explore features such as Software Bill of Materials, signed SLSA provenance attestations, signed container images and artifacts, and secure GitHub release pages. Gain insights into how these tools are currently employed across various Cloud Native projects, including Knative, Istio, Cilium, CRI-O, and Vitess. Follow along with simple examples demonstrating how to implement better supply chain security measures in your own project using reusable GitHub actions. Conclude with an invitation to join the Kubernetes Release Engineering team for those passionate about CI/CD and software supply chain security.

Syllabus

Secure Your Project with the SIG Release Supply Chain Kit - Adolfo GarcĂ­a Veytia & Carlos Panato


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Target Rich Cyber Poor
BSidesLV via YouTube The A's, B's, and Four C's of Testing Cloud-Native Applications
LASCON via YouTube SBOM Challenges and How to Fix Them
BSidesLV via YouTube The Case for Software Bill of Materials
BSidesLV via YouTube Collaborating to Improve Open Source Security - How the Ecosystem Is Stepping Up
RSA Conference via YouTube