Overview
Explore the latest advancements in software supply chain security through a 36-minute conference talk from DockerCon 2023. Dive into the challenges of security assessment for third-party Docker images and learn how BuildKit's reproducible builds technique addresses these concerns. Discover how to create verifiable, bit-for-bit identical images from source code, enhancing trust and mitigating risks of malicious code injection or credential leakage. Gain practical insights on implementing reproducible builds to improve image trustworthiness and overall supply chain security. Access additional resources on Docker BuildKit, SBOM generation, and container basics to further enhance your knowledge and skills in secure software development and DevOps practices.
Syllabus
Reproducible Builds with BuildKit for Software Supply Chain Security (DockerCon2023)
Taught by
Docker