Building Secure & Auditable Container Images Using Chainguard's Tooling: Melange, Apko & Wolfi
This video is also available in the GOTO Play video app! Download it to enjoy offline access to our conference videos while on the move.
or
Using minimal container images with known, auditable contents (the much-hyped SBOM) is a critical part of taking control of your supply-chain security. These images are smaller, more up-to-date, and more secure. You might have started down this path by using multi-stage builds and scratch or distroless base images. Recently, Chainguard has released a set of tooling that takes this to the next level. In this practical session, Matt will walk you through using these tools, showing you how to make small, minimal images, along with SBOMs for their entire contents. He will show how to publish these images, and submit their build attestations to an immutable public audit log. As a bonus, he'll also show how to manage ca-certs in container images, keeping them up-to-date and avoiding the dodgy ones which show up with surprising regularity.
-
Failure Is Always An OptionDylan BeattieThursday Jun 29 @ 15:40
-
Small Steps Are the Fastest Way Forward: Life Beyond Agile & ScrumSander HoogendoornThursday Jun 29 @ 13:30
-
Programming's Greatest MistakesMark RendleWednesday Jun 28 @ 16:40
-
Demystifying Blockchain - From Infrastructures Via Smart Contracts to ApplicationsOlivier RikkenTuesday Jun 27 @ 14:20
-
Privacy, Crime, National Security, Human Rights & You in the MiddleBert HubertTuesday Jun 27 @ 16:40
-
The Flight Plan to Emission Free AviationDr. Anita SenguptaTuesday Jun 27 @ 09:10
-
Developing and Maintaining Your Own BrainErik ScherderWednesday Jun 28 @ 09:10
-
One Rule to Rule Them AllDave ThomasThursday Jun 29 @ 09:10
-
How The Hack?Ben SadeghipourWednesday Jun 28 @ 13:20
-
Industry Myth BustingJoris KuipersTuesday Jun 27 @ 13:20