Attending this event?
Seattle, WA
December 10–13, 2018
Click Here for More Information & Registration
View Venue Map
View analytic
Thursday, December 13 • 2:35pm - 3:10pm
Deep Dive: TUF - Justin Cappos, NYU & Trishank Kuppusamy, Datadog

Sign up or log in to save this to your schedule and see who's attending!

Log in to leave feedback.
When VCS systems, build pipelines, or signing servers are are compromised, attackers get to distribute malicious versions to millions of unsuspecting users. We present how Datadog used TUF and in-toto to develop, to the best of our knowledge, the industry’s first end-to-end verified pipeline that automatically builds integrations for the Datadog agent. That is, even if this pipeline is compromised, users should not be able to install malware. We will show a demonstration of our pipeline in production being used to protect users of the Datadog agent, and describe how you can use TUF + in-toto secure your own pipeline.

avatar for Justin Cappos

Justin Cappos

Professor, NYU
Justin Cappos is a professor in the Computer Science and Engineering department at New York University. His research includes the TUF project (which is hosted by the Linux Foundation / CNCF), which provides a compromise-resilient mechanism for the secure distribution of software... Read More →
avatar for Trishank Kuppusamy

Trishank Kuppusamy

Chief Security Solutions Engineer, Datadog
Helped to research and develop The Update Framework (TUF), and Uptane.

Thursday December 13, 2018 2:35pm - 3:10pm
2 A/B