Securing Your Container Native Supply Chain with SLSA, GitHub and Tekton
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore practical approaches to securing your container native supply chain using SLSA, GitHub, and Tekton in this informative 32-minute conference talk. Learn how to apply SLSA principles to protect your build system, starting with the creation and verification of source code attestations using the in-toto project. Follow a step-by-step demonstration on achieving SLSA Level 2 in popular build systems like Tekton and GitHub Actions. Gain valuable insights into integrating Sigstore with Tekton and discover how to secure existing Tekton instances. Whether you're new to supply chain security or looking to enhance your current practices, this presentation offers actionable strategies for safeguarding your cloud native deployments across various build systems.
Syllabus
Securing Your Container Native Supply Chain with SLSA, Github and Te... Laurent Simon & Priya Wadhwa
Taught by
CNCF [Cloud Native Computing Foundation]