CNCF [Cloud Native Computing Foundation]

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore the integration of Software Bill of Materials (SBOM) and enhanced vulnerability scanning in Harbor using OCI 1.1 in this informative conference talk. Discover how the rise of software supply chain attacks has increased interest in supply chain security through SBOM utilization. Learn about the SBOM integration between the Harbor project and Aqua Trivy scanner, including the current support for manually attaching SBOM artifacts to subject images. Understand how leveraging OCI distribution-spec 1.1 enables auto-generation and auto-association of SBOMs, enhancing software building process visibility. Gain insights into the streamlined vulnerability scanning process, which eliminates repetitive container image analysis. Explore the new Harbor scanner pluggable spec, offering compatibility and flexibility for large-scale container security management. Watch a demonstration of SBOM generation and scanning for vulnerabilities, providing practical knowledge for implementing these security measures in your own projects.

Syllabus

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor

Taught by

CNCF [Cloud Native Computing Foundation]
