YoVDO

Securing the Software Supply Chain with the In-toto and SPIRE Projects

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Conference Talks Courses iOS Development Courses Software Supply Chain Security Courses SPIRE Courses in-toto Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the critical aspects of securing the software supply chain in this 20-minute conference talk. Learn about the in-toto and SPIRE projects, and their role in addressing current gaps in open-source ecosystems. Discover how to implement a cryptographically attestable software pipeline with automated certificate issuance. Delve into topics such as Zero Trust Architecture, CICD Pipeline, and Evidence-based Trust. Gain insights into SPIRE's functionality and witness a practical demonstration. This presentation, delivered by Cole Kennedy and Mikhail Swift from BoxBoat Technologies at KubeCon + CloudNativeCon North America 2021, offers valuable knowledge for developers and end-users of CNCF-hosted projects like Kubernetes, Prometheus, and Envoy.

Syllabus

Introduction
The problem at hand
Zero Trust Architecture
CICD Pipeline
Evidencebased Trust
How does it work
What is SPIRE
How SPIRE works
Demo


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube