Explore techniques and tools for building secure container images in this informative conference talk. Learn about the distroless philosophy, the importance of updating images and dependencies, and how to use apko for building container images with SBOMs and complete reproducibility. Discover the benefits of signing images with Sigstore and how these security measures can simplify and speed up your systems. Gain valuable insights into addressing common security concerns, improving SLSA levels, and enhancing the overall security of your supply chain without compromising usability or productivity.
Overview
Syllabus
Building Images for the Secure Supply Chain - Adrian Mouat, Chainguard
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Kubernetes Security: Implementing Supply Chain Security
-
Open Tools for Secure Supply Chains in Kubernetes - From Release Engineering
-
Building Images for the Secure Supply Chain
-
Secure Kubernetes Supply Chain: Lessons and Tools for Project Releases
-
Demystify Secure Software Supply Chain Metadata
-
Building the Software Supply Chain on Docker Official Images
