Verifiable eBPF Traces for Supply Chain Artifacts with Witness and Tetragon

Explore how Cillium Tetragon and Witness integration simplifies the process of validating build environments and detecting tampered tooling in this 27-minute conference talk. Discover the Witness framework for supply chain security, which implements the in-toto specification and features a modular design extendable for various attestors, backends, and key providers. Learn about an attestation plugin that programs Cillum Tetragon to provide detailed eBPF traces of build steps. Examine the creation of a build policy that verifies traces and blocks the execution of workloads compiled by malicious compilers. Gain insights into enhancing supply chain security and improving the validation process for developers and security engineers.

Verifiable eBPF Traces for Supply Chain Artifacts with Witness and Tetragon - Cole Kennedy