Securing the Supply Chain: A Practical Guide to SLSA Compliance from Build to Runtime
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore a comprehensive guide to securing the software supply chain through SLSA (Supply-chain Levels for Software Artifacts) compliance in this 33-minute conference talk by Enguerrand Allamel from Ledger at CNCF's KubeCon event. Learn how to implement foundational security practices from build to runtime using Cloud Native Computing Foundation tools. Discover the integration of GitHub Actions for automated build processes, Cosign for keyless artifact signing, and Kyverno for runtime policy enforcement. Gain insights into managing and verifying artifact integrity with in-toto and Kubescape, providing a holistic approach to SLSA compliance in the Kubernetes ecosystem. Explore the potential of incorporating Hardware Security Modules (HSMs) to enhance key management security in signing processes, adding an extra layer of protection against attacks in the supply chain.
Syllabus
Securing the Supply Chain: A Practical Guide to SLSA Compliance from Build to... Enguerrand Allamel
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Managing Kubernetes Security Using Kubescape and Lens - Mirantis Labs Tech Talks
Mirantis via YouTube
Secure Your Kubernetes Clusters With Kubescape by Armosec
Kunal Kushwaha via YouTube
Hands-on Introduction to Kubescape - Kubernetes Security Scanning Tool
Rawkode Academy via YouTube
Introduction to GitHub Actions CI/CD
Kunal Kushwaha via YouTube
Find Kubernetes Security Issues While Coding With Kubescape
Kunal Kushwaha via YouTube