Overview
Explore techniques and tools for building secure container images in this informative conference talk. Learn about the distroless philosophy, the importance of updating images and dependencies, and how to use apko for building container images with SBOMs and complete reproducibility. Discover the benefits of signing images with Sigstore and how these security measures can simplify and speed up your systems. Gain valuable insights into addressing common security concerns, improving SLSA levels, and enhancing the overall security of your supply chain without compromising usability or productivity.
Syllabus
Building Images for the Secure Supply Chain - Adrian Mouat, Chainguard
Taught by
CNCF [Cloud Native Computing Foundation]