© 2022 Anchore, Inc. All rights reserved. | Legal

June 15, 2022

Using Open Source to Secure the Software Supply Chain: Docker Desktop and Syft

Join us on June 15th for the next Anchore virtual open source meetup: Securing the Software Supply Chain using Docker Desktop and Syft.

Anchore Open Source Meetup

Hosts Amy Bass from Docker Desktop and Christopher Phillips from Anchore OSS will explore how Docker Extensions for Docker Desktop is supporting open source projects and we’ll have the latest update on Syft: in-toto attestations.

11 am - 12 pm PT | 2 pm - 3 pm ET

Extensions for Docker Desktop

Docker Desktop Extensions enable developers to seamlessly integrate their favorite OSS tools and power-up their build cycles. We’ll explore the latest additions including SBOM generation.

In-toto Attestations with Syft

The most recent feature enhancement lets users avoid key management altogether using Sigstore’s “keyless” flow, where users use their identity in systems like GitHub or Google to sign content (like SBOMs in this case) in a way that others can verify.

Discussion

Live discussion of supply chain security best practices with your fellow developers and security practitioners.

Continue the Conversation

We’ll wrap up the planned content in an hour, but feel to stick around and continue the discussion or ask more questions.