ON-DEMAND WEBINAR
Secure by Design: How Conda Signature Verification Secures Your Software Pipeline from the Start
About this Webinar
In this session, we discuss the content trust features in conda and the Anaconda Professional Repository. We’ll describe the design of conda’s package signature verification functionality and its trust architecture, and identify the threats they protect against. Finally, we’ll highlight what’s next for Anaconda content trust as we continue to work to better secure the conda package ecosystem.
Meet Our Speaker
Sebastien Awwad
Former Senior Security Engineer, Anaconda
In their role as Senior Security Engineer at Anaconda, Sebastien are responsible for packaging supply chain security. Prior to Anaconda, Sebastien was part of NYU’s Secure Systems Lab. There, they maintained and developed for The Update Framework (TUF), a security framework for package managers, and in-toto, a supply-chain security framework. Sebastien also helped develop Uptane, an extension and adaptation of TUF for the automotive sector, wrote Uptane’s reference implementation, worked on the Uptane Specification, and worked with folks in the automotive industry to achieve broad adoption.