Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Notary v2 - Supply Chain Security for Containers

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore a comprehensive overview of Notary v2, a community project aimed at enhancing supply chain security for containers, in this informative conference talk by Justin Cormack from Docker and Steve Lasker from Microsoft. Delve into the project's goals, its role in addressing issues hindering widespread adoption of the existing Notary project, and its integration with other supply chain initiatives. Learn about the requirements, ongoing work, and the roadmap to production for Notary v2. Gain insights into cloud-native software, container security, and pipeline security. Watch a demonstration covering Docker plugin addition, alias creation, ephemeral client support, artifact discovery and pushing, and Docker image pull processes. Discover the "World's Most Simple Assessment," Sbomb, and Reference Graph concepts. Find out where to access more information and resources on this crucial project for registry-native supply chain security.

Syllabus

Intro
Why Notary v2
Cloud native software
Container security
Notary v2 requirements
Work in progress
Pipeline security
Demo
Add Docker plugin
Create alias
Support ephemeral clients
Discover artifacts
Push artifacts into the registry
Docker image pull
Worlds Most Simple Assessment
Sbomb
Reference Graph
Where to find us

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Notary v2 - Supply Chain Security for Containers

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.