Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

The Update Framework (TUF) Maintainer Panel: Integrations, Enhancements, and Supply Chain Security

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Participate in a 40-minute panel discussion featuring maintainers from The Update Framework (TUF) projects, moderated by Andrew Krug from Datadog. Gain insights into new and upcoming TUF integrations and enhancements, exploring how the specification provides compromise-resilient security for software updates and distribution. Learn about TUF implementations in Python, Go, and Rust, used in production by organizations like Datadog, AWS BottleRocket, Google Fuchsia, and Sigstore. Discover the project's current state, its role in improving supply chain security, and behind-the-scenes perspectives on integrations with Sigstore and PyPI. Explore unique challenges surrounding maintenance, vulnerability disclosure, and consumption of an open-source project with multiple implementations. The discussion covers topics such as software repository management, top projects, cross-compatibility, continuous improvement, and future directions for TUF.

Syllabus

Intro
Introductions
Andrew Krug
Software Repository
Top Project
Cross Compatibility
Continuous Improvement
Whats Next

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of The Update Framework (TUF) Maintainer Panel: Integrations, Enhancements, and Supply Chain Security

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.