Securing the Software Supply Chain with TUF and Docker - Protecting Against Distribution Attacks

Overview

Explore the critical aspects of securing software distribution and updates in this 40-minute conference talk. Learn about The Update Framework (TUF) and its integration with Docker's Notary software to protect against various attack vectors. Discover how TUF addresses key revocation, mitigates man-in-the-middle attacks, and reduces the impact of repository compromise. Examine new techniques for verifying different stages of the software supply chain, including development, build, and quality assurance processes. Gain insights into the roles of various stakeholders, the concept of Darker Manifests, and the importance of standardization in enhancing software security.

Syllabus

Intro
What is an attack vector
Can we just apply crypto
Is it easy to provide security
Support dont judge
Roles
TUF
Is Docker vulnerable
Docker is secure
Darker Manifests
Whats Next
Attackers
Backdoors
Project Owner
Conclusion
standardization process
questions

Taught by

Docker

Reviews

Start your review of Securing the Software Supply Chain with TUF and Docker - Protecting Against Distribution Attacks

From Zero to Cybersecurity Analyst

Most common

Popular subjects

Popular courses

Securing the Software Supply Chain with TUF and Docker - Protecting Against Distribution Attacks

Overview

Syllabus

Taught by

Reviews

From Zero to Cybersecurity Analyst

Taught by

Talking TUF: Securing Software Distribution

TUF-En Up Your Signatures - Enhancing Software Distribution Security

Secure Transport for Your Software Supply Chain with TUF

Toto-Ally TUF: Simple Tools for a Secure Software Supply Chain

Containerize Your Applications: 10 Best Docker Courses for 2024

Never Stop Learning.