Toto-Ally TUF: Simple Tools for a Secure Software Supply Chain
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore a comprehensive conference talk on securing software supply chains using in-toto and The Update Framework (TUF). Learn about the alarming increase in software supply chain attacks and discover how these CNCF projects work together to counter threats. Understand the fundamentals of in-toto for creating verifiable attestations about supply chain steps and artifacts, and how TUF secures software repositories against various attacks. Examine a real-world case study demonstrating the combined use of in-toto and TUF, and get introduced to new open-source tools that simplify their joint deployment. Gain valuable insights into protecting your software distribution process and ensuring end-to-end supply chain integrity.
Syllabus
Toto-Ally TUF: Simple Tools for a Secure Software Supply Chain - Marina Moore & Aditya Yelgundhalli
Taught by
Linux Foundation
Tags
Related Courses
Hardening Your Soft Software Supply ChainPluralsight DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
Pluralsight Securing Your Software Supply Chain with Sigstore
Linux Foundation via edX GitHub Supply Chain Security Using GitGat
Linux Foundation via edX Kyverno - Deep Dive - Tech Talks
Mirantis via YouTube