Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Secure Release Processes with in-Toto Policy Verification

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Learn how to enforce secure software release processes through in-toto policy verification in this 33-minute conference talk from CNCF. Discover how attestations created for each development step provide verifiable evidence of compliance, and explore recent community enhancements to in-toto layouts for policy enforcement. Master the creation of flexible policies for various software development lifecycle processes, from initial code commits to production releases. Examine practical approaches to verifying attestations across multiple areas including code reviews, SBOM integrity, testing procedures, vulnerability scanning, and build provenance using SLSA standards. Gain valuable insights into implementing compliant and secure software development processes that meet organizational requirements.

Syllabus

Secure Release Processes with in-Toto Policy Verificati... John Kjell & Aditya Sirish A Yelgundhalli

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Secure Release Processes with in-Toto Policy Verification

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.