Presentation

Plugging Supply-Chain Attack Vectors with HashiCorp Vault, Nomad, and Waypoint

Published 5:00 PM UTC Aug 30, 2022

Learn about how some ideas for how HashiCorp Waypoint build pipelines could be used in tandem with HashiCorp Vault and Nomad to protect your software from supply chain attacks.

Supply chain attacks are a regular occurance now. More than ever, companies need to have confidence in their CI/CD systems. This means that software build and release needs a fresh look and significant time, thought, and energy spend on how to close the gaps in supply chain security.

»Supply Chain Security & HashiCorp

The main vectors of attack are in this image from slsa.dev.

Supply chain attack vectors

There are a number of tools that speaker Bram Vogelaar gives for plugging these holes. Learn about these tools and three HashiCorp tools that can help make the build, release, deploy pipeline both secure and efficient: HashiCorp Waypoint, Vault, and Nomad.

More resources like this one

  • 4/11/2024
  • FAQ

Introduction to HashiCorp Vault

Vault identity diagram
  • 12/28/2023
  • FAQ

Why should we use identity-based or "identity-first" security as we adopt cloud infrastructure?

  • 3/14/2023
  • Article

5 best practices for secrets management

  • 2/3/2023
  • Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

View all resources