Demystify Secure Software Supply Chain Metadata
Offered By: Docker via YouTube
Course Description
Overview
Explore the intricacies of secure software supply chain metadata in this 37-minute conference talk from DockerCon 2023. Gain clarity on key concepts like SBOMs, SLSA, provenance, attestations, signatures, and VEX, and understand how they interconnect to enhance software supply chain security. Learn to create top-tier container images with signed SBOMs and provenance attestations using Docker tools that adhere to the highest supply chain standards. Discover how Docker BuildKit, Docker Scout, and GitHub Actions can be leveraged to implement these security measures. Get insights into the White House Executive Order on software supply chain security and its implications for development teams. Dive into the principles underpinning a secure software supply chain and explore various types of metadata crucial for maintaining security standards in container images.
Syllabus
Demystify Secure Software Supply Chain Metadata (DockerCon 2023)
Taught by
Docker
Related Courses
Cut Through Vulnerability Noise with Runtime InsightsDocker via YouTube Node.js Best Practices in Docker - 2023 Edition
Docker via YouTube Mastering the Container Security Model - Best Practices and Tools
Docker via YouTube DevSecOps Tutorial - Building a Pipeline with GitHub Actions and Docker Scout
TechWorld with Nana via YouTube Docker Tutorial for Beginners - Dockerize Any App in 2024
JavaScript Mastery via YouTube