
Sigstore is an open-source project that aims to improve software supply chain security by allowing software developers and users to securely sign and verify software artifacts. The project uses ephemeral signing keys to ensure that keys do not need to be managed. All signing events are recorded in a tamper-resistant public log, which allows for the auditing of signing events. Sigstore addresses the weaknesses of traditional methods of artifact signing by moving away from a key-based approach and towards an identity-based approach, which makes the process more convenient and secure. The project is supported by the Open Source Security Foundation (OpenSSF) under the Linux Foundation.
Podcast:
https://kabir.buzzsprout.com
YouTube:
https://www.youtube.com/@kabirtechdives
Please subscribe and share.