Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Untrusted Execution - Attacking the Cloud Native Supply Chain

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore the critical issue of supply chain security in cloud native environments through this 37-minute conference talk by Andrew Martin of ControlPlane. Delve into the complexities of trusting code in production, examining potential vulnerabilities in system supply chains and the challenges posed by malicious actors. Analyze various signing options and their effectiveness in securing different components of the supply chain, from source code and dependencies to CI/CD pipelines and vendor software. Engage in a risk-based threat modeling exercise, compare available open source supply chain security controls, and investigate trusted execution environments. Conclude with a proposed solution for comprehensive end-to-end supply chain security, equipping yourself with valuable insights to enhance the security posture of your cloud native systems.

Syllabus

Untrusted Execution: Attacking the Cloud Native Supply Chain - Andrew Martin, ControlPlane

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Untrusted Execution - Attacking the Cloud Native Supply Chain

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.