Has your security team started to ask questions about the White House Executive Order to enhance the security of the software supply chain? Have you heard the terms SBOM, SLSA, provenance, attestations, signatures, or VEX but don’t quite know how those pieces tie together? Learn how you can create best-in-class container images with signed SBOMs and provenance attestations using Docker tools adhering to the highest supply chain standards. We cover various types of metadata and principles that underpin a secure software supply chain. In this talk, we use Docker BuildKit, Docker Scout, and GitHub Actions.
Try Docker Scout now.
Resources:
Docker Scout announcement: https://www.docker.com/blog/announcing-docker-scout-ga/
Docker Scout product page: https://www.docker.com/products/docker-scout/
Docker Scout Design Partner Program:https://www.docker.com/scout-design-partner-program/
Try Docker Scout: https://www.docker.com/products/docker-scout/
Looking to get up and running? Use our Quickstart guide: https://docs.docker.com/scout/quickstart/
Highlights from DockerCon 2023 New Docker Local, Cloud, and AI/ML Innovations :https://www.docker.com/blog/highlights-from-dockercon-2023/
Join the conversation!
LinkedIn → https://dockr.ly/LinkedIn
Twitter → https://dockr.ly/Twitter
Facebook → https://dockr.ly/Facebook
Instagram → https://dockr.ly/Instagram
ABOUT DOCKER: Docker provides a suite of development tools, services, trusted content, and automations, used individually or together, to accelerate the delivery of secure applications.
#docker #devops #
