Securing Container Supply Chain in CI/CD with Notary Project, ORAS and Harbor

Explore a comprehensive conference talk on securing container supply chains in CI/CD environments using Notary Project, ORAS, and Harbor. Learn how to address critical challenges in ensuring the security and integrity of container images and OCI artifacts in modern software development. Discover techniques for deploying only trusted, vulnerability-free, and policy-compliant container images in production environments. Gain insights into verifying the authenticity and integrity of OCI artifacts from your organization. Examine the integration of open-source technologies like Harbor, Notary Project, and ORAS into CI/CD pipelines to enhance security and maintain the integrity of container images and associated supply chain artifacts. Delve into practical demonstrations and best practices for implementing robust security measures in containerized workload deployments across various environments and infrastructures.

Securing Container Supply Chain in CI/CD with Notary Project, ORAS and Harbor - Yan Wang, Yi Zha