Securing Content Repositories with The Update Framework (TUF)
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the critical aspects of securing content repositories using The Update Framework (TUF) in this informative conference talk. Discover how TUF protects against known attacks on software update systems, learn about its key features, and understand its importance in content delivery. Gain insights into recent developments in TUF and related projects, and delve into proposed new features through a review of a TUF Augmentation Proposal (TAP). Learn how major organizations like Docker, Amazon, and Google leverage TUF to secure software updates, and find out how to get involved in this crucial aspect of cybersecurity.
Syllabus
Intro
What are content repositories?
What might go wrong?
It has gone wrong...
The Update Framework (TUF)
Protect Content
Reduce Impact of Key Loss
Recover from Compromise
TUF Project
TUF Deployments
Developer key management
Notary v2 TUF
Integrations
Sigstore's TUF root of trust
Implementation Updates
Questions
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Toto-Ally TUF: Simple Tools for a Secure Software Supply ChainLinux Foundation via YouTube Software Supply Chain Security Case Study at Anaconda
Linux Foundation via YouTube Securing the Container Supply Chain with Notary, TUF, and Gatekeeper
Linux Foundation via YouTube Improving Package Repository Security - From White Papers to Practice
Linux Foundation via YouTube Container Security: Supply Chain, Authorization, and Runtime Protection
Docker via YouTube