Overview
Explore practical hands-on guides for securing software with open-source tools in this 35-minute conference talk. Dive into the multilayered approach to software supply chain security, covering various tools and concepts across the entire software lifecycle. Learn about defense-in-depth strategies to fortify your supply chain, from building and packaging applications to managing dependencies and performing code scans. Discover methods for establishing trust throughout the software delivery process and ensuring only necessary components reach production. Gain insights into tools like Cosign and other Sigstore components, Gitsign, Kyverno, and policy controllers for Kubernetes to enhance your software supply chain security.
Syllabus
[VDBUH2024] - Abdel Sghiouar - Practical Guides for Enhancing Your Software Supply Chain Security
Taught by
Devoxx