The Cloud Native Computing Foundation's Software Supply Chain Best Practices and reference architecture highlights the necessary steps and required functionality to increase the security level of open-source software development and to minimize risks and vulnerabilities in the software supply chain. The webinar focuses on the code-integrity side of this issue and will include a demonstration of a new open-source tool to extend project SigStore to serverless functions. The tool enables code signing and corresponding validation prior to serverless function execution, as well as functionality that extends the integrity validation to the CI phase of development.
Cisco Emerging Technologies & Innovation
Engineering Product Manager