Toto-Ally TUF: Simple Tools for a Secure Software Supply Chain
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore a comprehensive conference talk on securing software supply chains using in-toto and The Update Framework (TUF). Learn about the alarming increase in software supply chain attacks and discover how these CNCF projects work together to counter threats. Understand the fundamentals of in-toto for creating verifiable attestations about supply chain steps and artifacts, and how TUF secures software repositories against various attacks. Examine a real-world case study demonstrating the combined use of in-toto and TUF, and get introduced to new open-source tools that simplify their joint deployment. Gain valuable insights into protecting your software distribution process and ensuring end-to-end supply chain integrity.
Syllabus
Toto-Ally TUF: Simple Tools for a Secure Software Supply Chain - Marina Moore & Aditya Yelgundhalli
Taught by
Linux Foundation
Tags
Related Courses
Software Supply Chain Security Case Study at AnacondaLinux Foundation via YouTube Securing the Container Supply Chain with Notary, TUF, and Gatekeeper
Linux Foundation via YouTube Improving Package Repository Security - From White Papers to Practice
Linux Foundation via YouTube Container Security: Supply Chain, Authorization, and Runtime Protection
Docker via YouTube Using Docker Content Trust with Kubernetes Admission Controllers to Secure Runtime
Docker via YouTube