Overview
Explore GitHub Actions authentication methods for Azure and SLSA principles in DevOps in this comprehensive conference talk featuring Marcel Lupo and Joshua Lock. Dive into the comparison of two Azure authentication approaches, highlighting the benefits of switching to a passwordless method using Open ID Connect (OIDC). Learn about SLSA principles and their application in DevSecOps processes, including the threat model guiding SLSA, security levels, and future plans for the open source project. Gain valuable insights from Marcel Lupo, a Microsoft MVP and Cloud Solutions & DevOps Architect, and Joshua Lock, an Open Source Software Supply Chain Security Architect at Verizon. Discover how to contribute to the SLSA project and enhance your understanding of software supply chain security in this informative 1-hour 18-minute presentation from DevSecCon London.
Syllabus
GitHub-Azure Authentication and SLSA in DevOps with Marcel Lupo and Joshua Lock
Taught by
DevSecCon