Software Supply Chain Security Case Study at Anaconda
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore a real-world case study on securing a large-scale open-source packaging pipeline in this 43-minute conference talk. Gain insights into the architecture of an open-source package build pipeline, from acquisition to installation, and learn about common gaps and attacks. Discover the concrete steps taken to overcome real challenges encountered and the positive outcomes achieved. Understand how respected open-source security designs like The Update Framework, Sigstore, and in-toto were utilized, and how the Supply chain Levels for Software Artifacts (SLSA) framework was employed to organize and drive security improvement efforts. Conclude with valuable guidance for implementing similar security measures in your own organization's software supply chain.
Syllabus
Software Supply Chain Security Case Study at Anaconda - Sebastien Awwad, Anaconda
Taught by
Linux Foundation
Tags
Related Courses
Securing Your Software Supply Chain with SigstoreLinux Foundation via edX Hands-on Introduction to Sigstore - Securing the Software Supply Chain
Rawkode Academy via YouTube Protecting the World's Greatest Open Source Ecosystem with Sigstore
Devoxx via YouTube PGP vs Sigstore - The Match at Maven Central
Devoxx via YouTube Securing Your Infrastructure as Code Pipeline
Linux Foundation via YouTube