This episode is brought to you by the Cloud Wars Expo. This in-person event will be held from June 28th to 30th at the Moscone Center in San Francisco, California.
00:07 — The recently released secure software factory guidance of the Cloud Native Computing Foundation (CNCF) focuses on software provenance and build activities.
00:31 — The CNCF Secure Software Factory (SSF) guidance emphasizes four overarching principles from the Software Supply Chain whitepaper, each of which is required to ensure secure software delivery from inception to code to production:
- Defense in depth
- Signing and verification
- Artifact metadata analytics
00:48 — The reference architecture ensures software delivered to production is secure.
Want more cybersecurity insights? Subscribe to the Cybersecurity as a Business Enabler channel: