Software Signing for Kubernetes Supply Chain & Everybody Else
Cloud Security Podcast16 Okt 2022

Software Signing for Kubernetes Supply Chain & Everybody Else

In this episode of the Virtual Coffee with Ashish edition, we spoke with Luke Hinds (Luke's Twitter) the open source Sigstore project and how it is helping with software signing and protecting the software supply chain

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Luke Hinds (Luke's Twitter)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Ashish's Intro to the Episode

(01:39) https://snyk.io/csp

(05:21) What is the software supply chain and why is it important?

(08:20) Common supply chain attacks in Kubernetes

(09:53) Codecov attack

(11:14 )Kubernetes and API

(14:10) Vulnerability scanning tools

(16:38) Explaining the importance of supply chain security

(19:19) What is a signing service

(19:56 )The SLSA framework

(20:42) Importance of signing service

(23:35) What is Sigstore?

(27:57) What is Lets Encrypt

(31:48) The aim of sigstore

(34:39) What is Co-Sign

(36:40) Co-Signing and non-repudiation

(46:29) Where to start

Episoder(345)

Is public cloud secure? - Francesco Cipollone, Cloud Security Alliance

Is public cloud secure? - Francesco Cipollone, Cloud Security Alliance

In this episode we speak to Francesco Cipollone, Head of Cloud Security Alliance for UK Francesco and Ashish speak about is public cloud secure and if multi-cloud is a good thing, especially if you a...

9 Feb 202034min

Just Eat UK security - cloud security across Scotland uk canada in a world of multi public cloud

Just Eat UK security - cloud security across Scotland uk canada in a world of multi public cloud

In this episode we speak to Stu Hirst, Principal Cloud Security @Just Eat. Stu and Ashish speak about keeping up security in a world of multi cloud, the challenges of recruiting for cloud security, w...

2 Feb 20201h 4min

Cloud Security in Japan - Cloud Security Podcast the Tokyo edition

Cloud Security in Japan - Cloud Security Podcast the Tokyo edition

This episode is a non-sponsored episode which is recording from Ashish's recent visit to Tokyo, Japan. During the trip Ashish caught up with mixed group of cybersecurity professionals who have been wo...

26 Jan 20206min

AZURE vs AWS , Azure Security and Can AZURE be DevOps friendly? - Tanya Janca

AZURE vs AWS , Azure Security and Can AZURE be DevOps friendly? - Tanya Janca

In this episode, we sit with Tanya Janca, previously Senior Cloud Advocate at Microsoft. Tanya & I spoke about the right way to do move workloads to Azure with DevOps. We compared notes on AWS and Azu...

19 Jan 20201h 2min

CLOUD SECURITY JOURNEY OF DOW JONES POST THE AWS CLOUD BREACH , WITH JAY KELATH, PRODUCT SECURITY

CLOUD SECURITY JOURNEY OF DOW JONES POST THE AWS CLOUD BREACH , WITH JAY KELATH, PRODUCT SECURITY

In this episode, we sit with Jay Kelath, Director for Product Security at Dow Jones. Jay & I spoke about the Dow Jones breach and how things changed from top down in Dow Jones for the better. We spoke...

12 Jan 202048min

Networking , recruiting and retaining female engineers, cyber security influencer, personal branding, mentoring for introvert men and women in cyber Security with Jane Frankland

Networking , recruiting and retaining female engineers, cyber security influencer, personal branding, mentoring for introvert men and women in cyber Security with Jane Frankland

In this episode, we sit with Jane Frankland, an award-winning entrepreneur, best-selling author and international speaker. Jane is a CISO advisor and has a diverse background, from being nominated as ...

5 Jan 202056min

Cloud Security and Infosec girls with Vandana Verma

Cloud Security and Infosec girls with Vandana Verma

In this Blue team episode, we sit with Vandana Verma, a Board member of OWASP and was recently awarded “Top influencers in Security and Fire” and “Cybersecurity Women of the year award by Women Cyberj...

23 Des 201935min

AWS Re-invent 2019 Security Announcements - The DevSecOps in AWS edition

AWS Re-invent 2019 Security Announcements - The DevSecOps in AWS edition

In this DevSecOps in AWS episode, we sit with Arjen Schwarz the host of Ambassador Lounge Podcast and review the security releases from AWS Re:invent 2019 and what it means for DevOps teams and securi...

22 Des 201939min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
energi-og-klima
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
tomprat-med-gunnar-tjomlid
fornybaren
rss-impressions-2
shifter
teknologi-og-mennesker
smart-forklart
pedagogisk-intelligens
rss-polypod
rss-ai-forklart
rss-alt-vi-kan
rss-ki-praten
kortslutning
rss-forenklingspodden
rss-alt-som-gar-pa-strom