


This podcast details a presentation on enhancing the security of Drupal and Composer's software supply chain. The speakers discuss the inherent risks in digital supply chains and introduce initiatives like Drupal CMS and automatic updates, emphasizing the critical need for secure component delivery. They explain TUF (The Update Framework) and Rugged as key technologies implemented by the Drupal Association to cryptographically sign and verify Drupal packages. The presentation outlines the technical aspects of public key cryptography, digital signatures, and hash functions used in this process, alongside the architecture and ongoing development of the Rugged server. Ultimately, the goal is to ensure the integrity and authenticity of Drupal installations and updates, protecting against supply chain attacks.
---
This episode of DrupalBrief is sponsored by DrupalForge.org
DrupalBrief.com
By Drupal Brief