Learn about how some ideas for how HashiCorp Waypoint build pipelines could be used in tandem with HashiCorp Vault and Nomad to protect your software from supply chain attacks.
Supply chain attacks are a regular occurance now. More than ever, companies need to have confidence in their CI/CD systems. This means that software build and release needs a fresh look and significant time, thought, and energy spend on how to close the gaps in supply chain security.
The main vectors of attack are in this image from slsa.dev.
There are a number of tools that speaker Bram Vogelaar gives for plugging these holes. Learn about these tools and three HashiCorp tools that can help make the build, release, deploy pipeline both secure and efficient: HashiCorp Waypoint, Vault, and Nomad.
How Weyerhaeuser Automates Secrets with Vault and Terraform
Build Your Own PaaS With Waypoint
A Blueprint for Application Modernization With Waypoint, Dapr, and Ploigos
Why You Need a Faster Secrets Rotation Strategy