Explore practical approaches to securing your container native supply chain using SLSA, GitHub, and Tekton in this informative 32-minute conference talk. Learn how to apply SLSA principles to protect your build system, starting with the creation and verification of source code attestations using the in-toto project. Follow a step-by-step demonstration on achieving SLSA Level 2 in popular build systems like Tekton and GitHub Actions. Gain valuable insights into integrating Sigstore with Tekton and discover how to secure existing Tekton instances. Whether you're new to supply chain security or looking to enhance your current practices, this presentation offers actionable strategies for safeguarding your cloud native deployments across various build systems.
Securing Your Container Native Supply Chain with SLSA, GitHub and Tekton
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Securing Your Container Native Supply Chain with SLSA, Github and Te... Laurent Simon & Priya Wadhwa
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Cloud Native Supply Chain Security with Tekton and Sigstore
-
The Chain of Trust - Towards SLSA L3 with Tekton Trusted Artifacts
-
Securing Your Software Supply Chain with Sigstore
-
In-Toto: Attestations and Software Supply Chain Security
-
Securing the Supply Chain: A Practical Guide to SLSA Compliance from Build to Runtime
-
Securing the Supply Chain: A Practical Guide to SLSA Compliance from Build to Runtime
