USING OPEN SOURCE TO SECURE THE SOFTWARE SUPPLY CHAIN:

Join us on December 1 for the next Anchore virtual open source meetup where developers and security practitioners will share their tips, tricks, and lessons learned on securing containers. This session will focus on using open source tools, including Cartographer, Syft, and Grype to improve your software supply chain security.

DECEMBER 1, 2021

11 am - 12 pm (PST) • 2 pm - 3 pm (EST)

December 1 • 11 am (PST) / 2 pm (EST)

© 2021 Anchore, Inc. All rights reserved. | Legal

Secure Your Software Supply Chain Using Cartographer

Daniel de Repentigny
Senior Product Manager, VMware

Create SBOMs & Scan for Vulnerabilities with Syft and Grype

Christopher Phillips
Senior Software Engineer, Anchore

Discussion

Live discussion of container security best practices with your fellow developers and security practitioners.

Continue the Conversation

We’ll wrap up the planned content in an hour, but feel to stick around and continue the discussion or ask more questions.

ANCHORE OPEN SOURCE MEETUP

TOPICS FOR THIS ONE HOUR MEETUP:

We’ll provide an overview of Cartographer and discuss how it can improve software supply chain security. Plus you’ll see a demo on how to use Cartographer along with Syft and Grype to improve the security posture of your containers.

You’ll see a live demonstration of sbom-action, a GitHub action for creating an SBOM. Sbom-action uses the open source tool Syft to provide container image and directory-based SBOM generation, which makes it easy to add multiple SBOM-generation steps to your workflows to find out what’s under the hood and secure your software supply chain.

CARTOGRAPHER, SYFT, AND GRYPE

TOPICS FOR THIS ONE HOUR MEETUP:

Hector Fernandez
Supply Chain Tools Technical Lead, VMware