Overview
Explore the innovative Sigstore project for securing the software supply chain in this 27-minute conference talk by Bob Callaway, Tech Lead & Manager of Google's Open Source Security Team. Dive into the use of transparent digital signatures as a powerful tool for enhancing open source software security. Learn how Sigstore addresses the pervasive nature of open source software in data centers, consumer devices, and applications. Discover the importance of combining automated tooling, best practices, education, and collaboration in securing open source supply chains. Gain insights into OpenSSF initiatives and their role in advancing open source technology security. Consider joining the growing list of organizations supporting and funding the development and adoption of these crucial security measures.
Syllabus
Sigstore: Using Transparent Digital Signatures to Help Secure the Software SupplyChain- Bob Callaway
Taught by
OpenSSF