Explore the world of software supply chain security in this 35-minute conference talk from DevConf.CZ 2023. Delve into Project Sigstore, a new standard for signing, verifying, and protecting software, with a focus on its application for Python developers. Learn how to leverage the sigstore-python client to secure Python projects and distribute artifacts safely and efficiently. Gain insights into addressing the rising threat of software supply chain attacks targeting third-party dependencies. Discover accessible methods for tracing software back to its source without requiring extensive knowledge of cryptographic protocols used in generating and verifying artifact signatures.
Overview
Syllabus
An introduction to Sigstore for Pythonistas - DevConf.CZ 2023
Taught by
DevConf
Related Courses
-
Securing Your Software Supply Chain with Sigstore
-
Zero Trust Supply Chains with Project Sigstore and SPIFFE
-
Sigstore: Past, Present and Future Directions
-
Securing Python Projects Supply Chain
-
Sigstore: Using Transparent Digital Signatures to Help Secure the Software Supply Chain
-
Hands-on Introduction to Sigstore - Securing the Software Supply Chain
