Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Leveraging SBOMs to Automate Packaging, Transfer, and Reporting of Dependencies Between Secure Environments

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore an innovative approach to utilizing Software Bill of Materials (SBOMs) in a conference talk from KubeCon + CloudNativeCon Europe. Learn how Lockheed Martin leverages the CycloneDX Specification as a packaging standard to validate and transfer assets across network boundaries, particularly in secure environments with strict controls. Discover how this method enables development teams to update build dependencies without network connectivity and create "seeding" deployments for Cloud Native infrastructure. Witness a demonstration of Hoppr, an open-source tool with an extendable plugin architecture, designed for security validation and multi-team transfers using CycloneDX SBOMs. Gain insights into collecting items based on purls, running validation, and creating transfers for secure environments in this 26-minute presentation by Ian Dunbar-Hall and Jerod Heck.

Syllabus

Leveraging SBOMS to Automate Packaging, Transfer, and Reporting of D... Ian Dunbar-Hall & Jerod Heck

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Leveraging SBOMs to Automate Packaging, Transfer, and Reporting of Dependencies Between Secure Environments

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.