Express Learning Course

Automating Supply Chain Security: SBOMs and Signatures (LFEL1007)

Dive into the concept of automating security efforts for consuming & delivering software.

Who Is It For

This course is designed for software developers, open source maintainers, and IT security professionals.
What You’ll Learn

Learn about software provenance, the role of source control, dependency tracking and the creation of SBOMs. Get familiar with SBOM and signing tools, and apply cosign and SLSA workflows with GitHub Actions.
What It Prepares You For

By the end of this course, you should be able to create a plan for your own project to begin automating supply chain security.
Course Outline
Chapter 1. Course Introduction
Chapter 2. Introduction to Software Provenance
Chapter 3. The Role of Source Control
Chapter 4. The Role of Dependency Tracking
Chapter 5. The Role of Tags and Signatures
Chapter 6. Automate Your Project’s Provenance

Prerequisites
To get the most possible value from this course, you should be familiar with the following:

  • Git
  • Command line tools
  • Continuous Integration
  • Semantic Versioning
Reviews
Jul 2024
It covered SLSA broadly and deeply enough for a user to know where to start, and how to begin to start/improve their software provenance journey.
Jun 2024
It's SBOM & SLSA 101 to a degree and I liked the simplicity and to the point approach.
Jun 2024
The course provided lots of examples of tools that can be used for SBOMs.
Jun 2024
Very applicable with detailed instructions about what we should do. I liked that it focused on the tools we actually use (e.g. GoLang, GitHub, Macs, etc.).
Apr 2024
I like that I am able to implement these practices on my projects at hand.
Mar 2024
Good content, short and sweet.
Mar 2024
I'm rather new to this topic, and this course provided information in a very clear way.
Mar 2024
Value of information. I apply this process in my work.
Mar 2024
Some of the links to external resources have been particularly useful for exploring the topic in more detail.
Feb 2024
The specific focus for automation and the overall end-to-end perspective.
Feb 2024
Short and easy-to-understand introduction into supply chain security.
Sep 2023
I liked the link to using sigstore with github, signing commits.
Sep 2023
The Argo CD example, and continuous focus around provenance, which was the first step required to achieve SLSA level 1 requirements.