Explore the critical aspects of securing content repositories using The Update Framework (TUF) in this informative conference talk. Discover how TUF protects against known attacks on software update systems, learn about its key features, and understand its importance in content delivery. Gain insights into recent developments in TUF and related projects, and delve into proposed new features through a review of a TUF Augmentation Proposal (TAP). Learn how major organizations like Docker, Amazon, and Google leverage TUF to secure software updates, and find out how to get involved in this crucial aspect of cybersecurity.
Securing Content Repositories with The Update Framework (TUF)
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Intro
What are content repositories?
What might go wrong?
It has gone wrong...
The Update Framework (TUF)
Protect Content
Reduce Impact of Key Loss
Recover from Compromise
TUF Project
TUF Deployments
Developer key management
Notary v2 TUF
Integrations
Sigstore's TUF root of trust
Implementation Updates
Questions
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Securing Content Distribution with The Update Framework - TUF
-
Maintaining The Update Framework (TUF) - Insights and Contributions
-
Securing the Software Supply Chain with TUF and Docker - Protecting Against Distribution Attacks
-
No Keys? No Problem - Why You Can Trust Sigstore Signatures
-
TUF-En Up Your Signatures - Enhancing Software Distribution Security
-
Updates from The Update Framework
