Join us on December 1 for the next Anchore virtual open source meetup where developers and security practitioners will share their tips, tricks, and lessons learned on securing containers. This session will focus on using open source tools, including Cartographer, Syft, and Grype to improve your software supply chain security.
We’ll provide an overview of Cartographer and discuss how it can improve software supply chain security. Plus you’ll see a demo on how to use Cartographer along with Syft and Grype to improve the security posture of your containers.
You’ll see a live demonstration of sbom-action, a GitHub action for creating an SBOM. Sbom-action uses the open source tool Syft to provide container image and directory-based SBOM generation, which makes it easy to add multiple SBOM-generation steps to your workflows to find out what’s under the hood and secure your software supply chain.
Christopher Phillips
Senior Software Engineer
Anchore
Live discussion of container security best practices with your fellow developers and security practitioners.
We’ll wrap up the planned content in an hour, but feel to stick around and continue the discussion or ask more questions.
Daniel de Repentigny
Senior Product Manager
VMware
Hector Fernandez
Supply Chain Tools Technical Lead
VMware