Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Secure Kubernetes Supply Chain: Lessons and Tools for Project Releases

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore the evolution of security features in Kubernetes releases and their impact on the software supply chain in this 34-minute conference talk. Discover how SIG Release has improved the Kubernetes release process since version 1.22, creating tools and processes that benefit the entire ecosystem. Learn about three key technologies: SBOMs for describing sources, artifacts, and dependencies; provenance attestations for SLSA compliance; and digital signatures implementation. Gain valuable insights into lessons learned and practical tools you can apply to secure your own project releases, enhancing trust and reliability in the software supply chain.

Syllabus

Make the Secure Kubernetes Supply Chain Work for You - Adolfo García Veytia, Chainguard

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Secure Kubernetes Supply Chain: Lessons and Tools for Project Releases

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.