Learn how Autodesk approaches software delivery security at scale through a 38-minute conference talk that explores the power of attestations in securing diverse software development lifecycles. Discover how cryptographically verifiable telemetry bits can be combined to build trust metrics and enable delayed evaluation in software deployment decisions. Follow along as speakers demonstrate the implementation of open-source tools to create verifiable inputs, actions, and outcomes that form comprehensive software lifecycle stories, ultimately ensuring secure and compliant deployments across legacy systems and merged codebases. Gain insights into practical solutions for managing security challenges in complex software environments while maintaining scalability and effectiveness.
The Telemetry of Trust - Using Attestations to Secure Your Software Development Lifecycle with Open Source Tools
Overview
Syllabus
The Telemetry of Trust, Using Attestations to Secure Your SDLC... - Jesse Sanford & Jagadish Ramidi
Taught by
Linux Foundation
Tags
Related Courses
-
![CNCF [Cloud Native Computing Foundation]](https://ccweb.imgix.net/https%3A%2F%2Fwww.classcentral.com%2Fimages%2Flogos%2Finstitutions%2Fcncf-cloud-native-computing-foundation-hz.png?auto=format&blur=200&h=40&ixlib=php-4.1.0&px=16&s=39a7386e89fe41aff1e1aa4e9df07aa2)
Enforceable Software Supply Chain Policies and Attestations Using in-Toto
-
Secure Release Processes with in-Toto Policy Verification
-
Toto-Ally TUF: Simple Tools for a Secure Software Supply Chain
-
Where Does Your Software Really Come From - Artifact Attestations and Open Source Verification
-
How to Trust Your Open Source Software Using Scorecards
-
Secure Your Software Supply Chain Using Observability
![CNCF [Cloud Native Computing Foundation]](https://ccweb.imgix.net/https%3A%2F%2Fwww.classcentral.com%2Fimages%2Flogos%2Finstitutions%2Fcncf-cloud-native-computing-foundation-hz.png?auto=format&h=40&ixlib=php-4.1.0&s=41ac519a3d7def6c705637a8ae3c06c4){kind=small}
