Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a 26-minute conference talk from DockerCon 2023 focusing on supply chain security in enterprise environments. Dive into the challenges posed by the extensive use of open source software, where even small systems can have thousands of dependencies, and large enterprises track millions of components. Discover how Lockheed Martin is leveraging open source solutions like the Sigstore product suite and TestifySec's Archivista to enhance software supply chain transparency and accountability. Learn about programmatic evidence generation for software builds, including dependency provenance. Gain insights from Patrick Kwiatkowski, a Software Engineer at Lockheed Martin, on implementing open source solutions to address supply chain security challenges in large-scale enterprise settings.