Professional Training
No reviews

Securing Your Software Supply Chain with Sigstore

edX, Online
Length
7 weeks
Next course start
Start anytime See details
Course delivery
Self-Paced Online
Length
7 weeks
Next course start
Start anytime See details
Course delivery
Self-Paced Online
Visit provider website
Visit this course's homepage on the provider's site to learn more or book!
Visit provider website

Course description

Securing Your Software Supply Chain with Sigstore

Building and distributing software that is secure throughout its entire lifecycle can be challenging, leaving many projects unprepared to build securely by default. Attacks and vulnerabilities can emerge at any step of the chain, from writing to packaging and distributing software to end users. Sigstore is one of several innovative technologies that have emerged to improve the integrity of the software supply chain, reducing the friction developers face in implementing security within their daily work.

This course is designed with end users of Sigstore tooling in mind: software developers, DevOps engineers, security engineers, software maintainers, and related roles. To make the best of this course, you will need to be familiar with Linux terminals and using command line tools. You will also need to have intermediate knowledge of cloud computing and DevOps concepts, such as using and building containers and CI/CD systems like GitHub actions.

This course will introduce you to Cosign, Fulcio, and Rekor, the tools under the Sigstore umbrella, explaining how they support a more secure software supply chain. You will learn how to employ these tools throughout your software development, testing, and distribution processes. Additionally, those who use or implement your software will be able to verify its authenticity through tamper-resistant public logs.

Upon completing this course, you will be able to inform your organization’s security strategy and build software more securely by default.

Upcoming start dates

1 start date available

Start anytime

  • Self-Paced Online
  • Online
  • English

Suitability - Who should attend?

Prerequisites

  • Familiarity with using the command line
  • Intermediate knowlegde of cloud computing and DevOps concepts, such as containers, CI/CD systems, GitHub actions, etc.
  • Familiarity with using and building container images

Outcome / Qualification etc.

What you'll learn

  • Describe the components of Sigstore and how they support a more secure software supply chain.
  • Sign and verify software artifacts with Sigstore.
  • Understand how to implement Sigstore within the software development lifecycle.

Training Course Content
  • Introducing Sigstore
  • Cosign: Container Signing, Verification, and Storage in an OCI Registry
  • Fulcio: A New Kind of Root Certificate Authority For Code Signing
  • Rekor: Software Supply Chain Transparency Log
  • Sigstore: Using the Tools and Getting Involved with the Community
  • Final Exam

Course delivery details

This course is offered through The Linux Foundation, a partner institute of EdX.

1-2 hours per week

Expenses
  • Verified Track -$149
  • Audit Track - Free
Ads

Similar Courses

Supply Chain Management

Convertas Management Consultants
Dubai
From 3,995 USD

Supply Chain Management

London Business Training & Consulting
London
From 3,415 GBP

Supply Chain Management

Lion Heart Consulting
Multiple (2)
From 175 GBP

Supply Chain Management

Lion Heart Consulting
Multiple (2)
From 175 GBP

Supply Chain Management

Global Business Advisors
Multiple (7)

Supply Chain Management (Corporate Training)

Convertas Management Consultants
United Arab Emirates

Supply Chain Management

Alliance Manchester Business School
Manchester
From 4,800 GBP

Project Management for Supply Chain Professionals

London Training for Excellence
Multiple (2)
From 3,951 GBP

Supply Chain Management Workshop

London Business Training & Consulting
London
From 2,045 GBP