SLSA FRSCA Recipe for Secure Supply Chain
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore an end-to-end solution for securing the software supply chain in this conference talk by Parth Patel and Michael Lieberman from Kusari. Discover how OpenSSF's FRSCA implements CNCF best practices to protect build systems, secure ingestion, and enforce policies in production environments. Learn how Tekton Pipelines/Chains, Sigstore, SPIFFE/SPIRE, and Kyverno are integrated into a holistic approach that meets SLSA Level 3 requirements. Understand how CUE, admission controllers, and short-lived certificates can cryptographically protect clusters based on policy. Gain insights into binary authorization and how FRSCA validates signatures and attestations for authorization until the next release cycle. Explore this implementable architecture, designed for the open source community and end-user organizations to produce and ingest SLSA-compliant artifacts, addressing the multiple threats in the software supply chain ecosystem.
Syllabus
SLSA FRSCA Recipe For Secure Supply Chain - Parth Patel & Michael Lieberman, Kusari
Taught by
CNCF [Cloud Native Computing Foundation]