Explore practical hands-on guides for securing software with open-source tools in this 35-minute conference talk. Dive into the multilayered approach to software supply chain security, covering various tools and concepts across the entire software lifecycle. Learn about defense in depth strategies to fortify your supply chain, from building and packaging applications to managing dependencies and performing code scans. Discover methods for establishing trust throughout the software delivery process and ensuring only necessary components reach production. Gain insights into tools like cosign, sigstore components, gitsign, kyverno, and policy controllers for Kubernetes to enhance your software supply chain security.
Practical Guides for Enhancing Your Software Supply Chain Security
Overview
Syllabus
[VDBUH2024] - Abdel Sghiouar - Practical Guides for Enhancing Your Software Supply Chain Security
Taught by
Devoxx
Related Courses
-
Securing Your Software Supply Chain with Sigstore
-
DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
-
Hardening Your Soft Software Supply Chain
-
SLSA, SigStore, SBOM & Software Supply Chain Security - What Does It All Mean?
-
Securing Kubernetes Manifests with Sigstore Cosign - Options and Best Practices
-
Hands-on Introduction to Sigstore - Securing the Software Supply Chain
