Viewing Images Through Layered SBOMs

Explore the concept of viewing images through layered Software Bills of Materials (SBOMs) in this 23-minute conference talk by Jim Clark, Principal Software Engineer at Docker. Learn how to generate SBOMs and gain insights into the distribution of packages across Docker image layers. Discover the importance of understanding layer ownership, tracking content, and identifying shared components. Examine the significance of public data in this context and understand why this approach is valuable. Delve into strategies for reacting to findings and get practical advice on getting started with layered SBOMs. Address challenges such as dealing with noise in the data. By the end of this talk, gain a comprehensive understanding of how to leverage layered SBOMs to enhance your knowledge of your application's composition and improve container runtime security.