Gedanken und Erkenntnisse – von uns für Sie

Blog

 VORGESCHLAGENER ARTIKEL

Part 5: Supply Chain – SLSA Attestation

Part 5: Supply Chain – SLSA Attestation

After having explained the basics of the SLSA framework, we want to give some insights into SLSA attestations now.
What is an attestation? An attestation is a way to generate authenticated metadata about an artifact. This makes it possible for a consumer of software to find out how it was built, who built it and which build system it was built with.

 NEUESTE ARTIKEL

Part 6: Supply Chain – Introduction to Tekton

TABLE OF CONTENTWhat is Tekton?Installation What is Tekton?   Tekton is an open source CI/CD tool and was initially a project of the Continuous Delivery Foundation. Kubernetes is used as the underlying platform for Tekton and can be extended by using Custom Resource...

Part 5: Supply Chain – SLSA Attestation

After having explained the basics of the SLSA framework, we want to give some insights into SLSA attestations now.
What is an attestation? An attestation is a way to generate authenticated metadata about an artifact. This makes it possible for a consumer of software to find out how it was built, who built it and which build system it was built with.

 Alle Artikel

Part 6: Supply Chain – Introduction to Tekton

Part 6: Supply Chain – Introduction to Tekton

TABLE OF CONTENTWhat is Tekton?Installation What is Tekton?   Tekton is an open source CI/CD tool and was initially a project of the Continuous Delivery Foundation. Kubernetes is used as the underlying platform for Tekton and can be extended by using Custom Resource...

Part 5: Supply Chain – SLSA Attestation

Part 5: Supply Chain – SLSA Attestation

After having explained the basics of the SLSA framework, we want to give some insights into SLSA attestations now.
What is an attestation? An attestation is a way to generate authenticated metadata about an artifact. This makes it possible for a consumer of software to find out how it was built, who built it and which build system it was built with.

Part 4: Supply Chain – SLSA Level & Tracks

Part 4: Supply Chain – SLSA Level & Tracks

In the last blog post, we talked about the SLSA terminology. Now it is time to focus on SLSA level and tracks.
Within the SLSA framework, there are levels and tracks. Depending on them, it possible to incrementally harden and improve different areas of the supply chain.

Part 2: Supply Chain – Frameworks & Tools

Part 2: Supply Chain – Frameworks & Tools

Secure Software Development Framework The Secure Software Development Framework (SSDF) is a framework published by the National Institute of Standards and Technology (NIST) and includes software development practices based on established security practices that make the software development life cycle more secure.

Part 1: Supply Chain – Overview

Part 1: Supply Chain – Overview

Software supply chains are comparable to a supply chain in the real world. Very few companies, whether food or automobile manufacturers, produce all the components required for the end product by themselves – hence it is the same with software supply chains.

Platform Engineering For Cloud-Native Organizations

Platform Engineering For Cloud-Native Organizations

Motivation & IntroductionWithin the last years, enterprises have already migrated large portions of their workload to the cloud – whether it is a private, public or hybrid cloud. However, many companies still fail to grasp all the benefits of cloud computing....

VMware vSphere Permission Propagation Issue

VMware vSphere Permission Propagation Issue

IntroductionEnd of last year we encountered an issue with vSphere Permissions working in a different way than we expected. A customer wanted a quite simple Permissions implementation for his environment. Users in a specific group (Tier1Admins) should be able to...

vRealize Automation and the REST API

vRealize Automation and the REST API

In the course of a customer project, I was able to gain experience in the migration from vRealize Automation 7 (vRA7) to vRealize Automation 8 (vRA8), now renamed VMware Aria Automation. Part of the migration involved transferring Blueprints from vRA7 to Cloud...

Tanzu Vanguard Community

Tanzu Vanguard Community

The Tanzu Vanguard community is a group of experts and thought leaders in the field of modern application development. They come from a variety of backgrounds, including software development, IT operations, and business leadership. The community is focused on the use...

Cisco präsentiert Managed Service Strategie

Cisco präsentiert Managed Service Strategie

Cisco sieht Managed Services als das wichtigste Einkaufsmodell von IT-Leistungen der Zukunft. Der Trend zeichnet sich klar ab: im Jahr 2021 registriert der Hersteller einen Zuwachs von 31% beim Vertrieb seiner Managed Services für Partner. Unter dem Projektnamen Cisco...

vRetreat Event im Februar 2022 – Teil 2: Cohesity

vRetreat Event im Februar 2022 – Teil 2: Cohesity

Im zweiten Teil des vRetreat Events stand eine Präsentation des Herstellers Cohesity auf dem Plan. Cohesity ist ein Hersteller, der sich allgemein gesprochen auf die Verwaltung von Daten spezialisiert hat und darauf aufbauend Applikationen anbietet. Konkret...