Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Supply Chain Security: Building a Knowledge Graph for Artifact Relationships

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore the complexities of software supply chain security in this 34-minute conference talk from KubeCon + CloudNativeCon Europe. Delve into the challenges of identifying vulnerabilities and understanding the impact of potential compromises in the software supply chain. Learn about a novel supply chain knowledge graph tool that combines information from SBOMs, in-toto/SLSA attestations, and other sources to provide a comprehensive view of artifact relationships and dependencies. Discover how this approach can help answer critical questions about the extent of potential security breaches and reveal often-overlooked dependencies in build systems. Gain insights into improving your organization's ability to assess and mitigate risks in the increasingly sophisticated landscape of supply chain attacks.

Syllabus

It's Dangerous To SLSA Alone Out There! Take This Artifact... - Mihai Maruseac & Michael Lieberman

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Supply Chain Security: Building a Knowledge Graph for Artifact Relationships

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.