NPM and Sigstore - Provenance Comes to the World's Largest OSS Ecosystem

Overview

Explore a 39-minute conference talk from Black Hat detailing GitHub's efforts to secure the Javascript ecosystem through provenance integration and partnership with Sigstore. Discover how npm, the world's largest language ecosystem, is addressing malware attacks and supply chain trojans by implementing software signing. Learn about the challenges and solutions in securing a system that serves over 70 billion requests monthly and processes around 40,000 publish events daily. Gain insights from speakers Trevor Rosen and Zach Steindler on the future of open-source software security and the role of provenance in protecting the npm ecosystem.

Syllabus

npm and Sigstore: Provenance Comes to the World's Largest OSS Ecosystem

Taught by

Black Hat

Reviews

Start your review of NPM and Sigstore - Provenance Comes to the World's Largest OSS Ecosystem

Coursera Cuts Jobs Despite $100M Revenue Milestone

Most common

Popular subjects

Popular courses

NPM and Sigstore - Provenance Comes to the World's Largest OSS Ecosystem

Overview

Syllabus

Taught by

Reviews

Coursera Cuts Jobs Despite $100M Revenue Milestone

Taught by

Bringing Provenance to Open Source - Lessons from Npm's Sigstore Integration

Sigstore: 2024 and Beyond

Protecting the World's Greatest Open Source Ecosystem with Sigstore

Securing the Open Source Software Supply Chain

Never Stop Learning.