Explore the critical issue of secure container image delivery in this 21-minute conference talk from the Cloud Native Computing Foundation. Learn about The Update Framework (TUF), a security-focused project designed to prevent, detect, and mitigate attacks on software distribution infrastructure. Discover TUF's basic architecture, its protection mechanisms against real-world attacks, and how it can restore a repository's security even after organizational security errors. Gain insights into the importance of updates, attacker compromise methods, compromise resilience, targets metadata, and other TUF implementations.
Overview
Syllabus
Introduction
What is TUF
Why updates are important
How attackers compromise
Compromise resilience
Targets metadata
Other implementations
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Securing Content Distribution with The Update Framework - TUF
-
Beyond Signatures - Using TUF and Notary to Secure Software Distribution
-
Securing the Software Supply Chain with TUF and Docker - Protecting Against Distribution Attacks
-
Deep Dive - What's New With TUF?
-
TUF-En Up Your Signatures - Enhancing Software Distribution Security
-
No Keys? No Problem - Why You Can Trust Sigstore Signatures
