Who's Verifying Your Signatures? Approaching Private Container Image Signing
CNCF [Cloud Native Computing Foundation] via YouTube
Learn AI, Data Science & Business — Earn Certificates That Get You Hired
Learn Generative AI, Prompt Engineering, and LLMs for Free
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore the challenges and solutions for private container image signing in this 26-minute conference talk from KubeCon + CloudNativeCon Europe 2023. Delve into the growing importance of software supply chain security and the differences between open source and private container image signing. Learn about various signing technologies, including Sigstore and Notary v2, and their applications in internal Kubernetes software supply chains. Discover Datadog's security team's insights on implementing integrity controls for private container images, comparing open source and internal signing processes. Gain valuable knowledge on scaling signing frameworks and addressing unique challenges in private environments.
Syllabus
Introduction
About Datadog
Agenda
Why
Tools
Survey Tools
Notary V1
Graphase
Notary V2
Update Framework
Cosine
How are we using Datadog
Requirements
Demo
Conclusion
Taught by
CNCF [Cloud Native Computing Foundation]