Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

In-Toto: Protecting Software Supply Chain in Cloud Native and Confidential Containers

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore the CNCF incubator project In-toto and its application in protecting software supply chains for cloud-native environments and confidential containers. Learn how In-toto ensures software integrity from initiation to end-user installation by providing transparency on executed steps, actors involved, and execution order. Discover how In-toto allows users to verify the legitimacy of supply chain steps and actors, addressing various software supply chain integrity issues. Examine the integration of In-toto with Confidential Containers, another CNCF project leveraging hardware TEE for containerized workloads, to provide trusted metadata for system software within TEEs. Gain insights into In-toto's applicability and its potential to resolve challenges in software supply chain security, using Confidential Containers as a practical use case.

Syllabus

In-Toto: Protecting Software Supply Chain in Cloud Native and Application in Confid... Justin Cappos

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of In-Toto: Protecting Software Supply Chain in Cloud Native and Confidential Containers

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.