phpday > Edition 2024 > What is the secure software supply chain and the current state of the PHP ecosystem

Talk
2024
Past Event

What is the secure software supply chain and the current state of the PHP ecosystem

Language
English

Topics:

Supply Chain

Abstract

In this talk I’ll explain what is the Software Supply Chain, common threats and mitigations and how they apply to IAC ecosystem too. I’ll show off security threats using Terraform and its ecosystem and finally i’ll talk about OCI images talking about digital signatures and SBOM using Sigstore and Syft. I’ll do a live coding session showing off how to deploy secure OCI images on K8S cluster with security policies built with Kyverno, the session includes also security scanning using the generated SBOM.

Video

Related Talks 2024

Talk

Automate all the things with CI/CD in GitHub Actions

2024
English

Talk

Building Fast APIs and Middlewares: Mezzio + Swoole

2024
English

Talk

Decision-making for developers

2024
English

Talk

How to contribute to PHP?

2024
English

Talk

Shrek, Onions and Architecture

2024
English

Talk

Symfony Messenger: the sharpest tool in your PHP toolbox

2024
English

See the archive of the 2024 edition

What is the secure software supply chain and the current state of the PHP ecosystem

Abstract

Video

Related Talks 2024

Automate all the things with CI/CD in GitHub Actions

Building Fast APIs and Middlewares: Mezzio + Swoole

Decision-making for developers

How to contribute to PHP?

Shrek, Onions and Architecture

Symfony Messenger: the sharpest tool in your PHP toolbox

Subscribe to our newsletter

Different paths, same passion.

Real voices. Real value.

Inclusion & openness.

Follow us on