Explore strategies for securing software supply chains in this keynote presentation from KubeCon + CloudNativeCon North America 2022. Discover how Shopify protects millions of businesses from supply chain attacks using open-source software and cloud-based defensive techniques. Learn about implementing voucher and grafeas for cluster software control, applying the SLSA framework to establish software trust, and utilizing Falco for detecting malicious behavior. Gain insights into specific techniques for mitigating supply chain attacks and applying traditional defensive methods in cloud environments.
Securing Shopify's Software Supply Chain - Mitigating Supply Chain Attacks
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Intro
Container images
Supply chains
Software risks
Salsa
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
The Evolution of the Software Supply Chain Attack
-
Developer Security Champion: Supply Chain Security
-
Securing Your Software Supply Chain with Sigstore
-
Securing Python Projects Supply Chain
-
Securing Software Supply Chains Using the SLSA Framework
-
Achieving End-to-End Software Supply Chain Security with in-toto
