Securing Container Supply Chain in CI/CD with Notary Project, ORAS and Harbor
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore a comprehensive conference talk on securing container supply chains in CI/CD environments using Notary Project, ORAS, and Harbor. Learn how to address critical challenges in ensuring the security and integrity of container images and OCI artifacts in modern software development. Discover techniques for deploying only trusted, vulnerability-free, and policy-compliant container images in production environments. Gain insights into verifying the authenticity and integrity of OCI artifacts from your organization. Examine the integration of open-source technologies like Harbor, Notary Project, and ORAS into CI/CD pipelines to enhance security and maintain the integrity of container images and associated supply chain artifacts. Delve into practical demonstrations and best practices for implementing robust security measures in containerized workload deployments across various environments and infrastructures.
Syllabus
Securing Container Supply Chain in CI/CD with Notary Project, ORAS and Harbor - Yan Wang, Yi Zha
Taught by
CNCF [Cloud Native Computing Foundation]