Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

GUAC Verification for Software Supply Chain Security

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore the critical role of up-to-date information in software supply chain security through this conference talk. Delve into the implementation of Executive Order 14028, examining the vast metadata from SBOMs, SLSA attestations, vulnerability information, and in-toto ITE-6 attestations. Learn about projects like GUAC and Trustification for effective data collection and analysis. Discover how to integrate OPA with GUAC to create policies that determine whether artifacts are allowed to run in specific environments based on security assessments. Gain insights into enhancing decision-making processes for software deployment and security compliance in cloud native computing.

Syllabus

You Shall Not Pass! Unless You Are GUAC Verified - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of GUAC Verification for Software Supply Chain Security

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.