YoVDO

Software Supply Chain Aspects in Infrastructure as Code and How to Secure It

Offered By: Linux Foundation via YouTube

Tags

Infrastructure as Code Courses Docker Courses Metadata Courses Software Supply Chain Security Courses Container Security Courses Helm Charts Courses Typosquatting Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the critical aspects of software supply chain security in Infrastructure as Code (IaC) and learn effective strategies to mitigate risks. Delve into the KICS (Keep Infrastructure as Code Secure) open-source project and its role in enhancing IaC security. Examine the parallels between IaC vulnerabilities and software package dependencies, highlighting the importance of scrutinizing reused Docker files, HELM charts, and container sources. Gain insights into emerging risks in the IaC world and their potential impact on lower levels of the software stack. Discover how to leverage IaC scanning techniques to prevent software supply chain issues in your infrastructure. Cover key topics including software security, container supply chain, typosquatting, metadata importance, distroless containers, reproducibility, and secure container creation practices.

Syllabus

Software Supply Chain
Software Security
Supply Chain Security & Containers
Find a HELM chart
Levels of Typosquatting
Container Supply Chain
The importance of metadata
Distroless containers
Reproducibility
Securing Container Creation


Taught by

Linux Foundation

Tags

Related Courses

Hardening Your Soft Software Supply Chain
Pluralsight
DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
Pluralsight
Securing Your Software Supply Chain with Sigstore
Linux Foundation via edX
GitHub Supply Chain Security Using GitGat
Linux Foundation via edX
Kyverno - Deep Dive - Tech Talks
Mirantis via YouTube