Explore how Cillium Tetragon and Witness integration simplifies the process of validating build environments and detecting tampered tooling in this 27-minute conference talk. Discover the Witness framework for supply chain security, which implements the in-toto specification and features a modular design extendable for various attestors, backends, and key providers. Learn about an attestation plugin that programs Cillum Tetragon to provide detailed eBPF traces of build steps. Examine the creation of a build policy that verifies traces and blocks the execution of workloads compiled by malicious compilers. Gain insights into enhancing supply chain security and improving the validation process for developers and security engineers.
Verifiable eBPF Traces for Supply Chain Artifacts with Witness and Tetragon
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Verifiable eBPF Traces for Supply Chain Artifacts with Witness and Tetragon - Cole Kennedy
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Enforceable Software Supply Chain Policies and Attestations Using in-Toto
-
In-Toto: Attestations and Software Supply Chain Security
-
Securing Your Container Native Supply Chain with SLSA, GitHub and Tekton
-
Securing the Supply Chain with Witness - A Framework for Supply Chain Security
-
In-Toto: Protecting Software Supply Chain in Cloud Native and Confidential Containers
-
Software Supply Chain Security Case Study at Anaconda
