Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Verifiable eBPF Traces for Supply Chain Artifacts with Witness and Tetragon

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore how Cillium Tetragon and Witness integration simplifies the process of validating build environments and detecting tampered tooling in this 27-minute conference talk. Discover the Witness framework for supply chain security, which implements the in-toto specification and features a modular design extendable for various attestors, backends, and key providers. Learn about an attestation plugin that programs Cillum Tetragon to provide detailed eBPF traces of build steps. Examine the creation of a build policy that verifies traces and blocks the execution of workloads compiled by malicious compilers. Gain insights into enhancing supply chain security and improving the validation process for developers and security engineers.

Syllabus

Verifiable eBPF Traces for Supply Chain Artifacts with Witness and Tetragon - Cole Kennedy

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Verifiable eBPF Traces for Supply Chain Artifacts with Witness and Tetragon

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.