Join us on June 15th for the next Anchore virtual open source meetup: Securing the Software Supply Chain using Docker Desktop and Syft.
Hosts Amy Bass from Docker Desktop and Christopher Phillips from Anchore OSS will explore how Docker Extensions for Docker Desktop is supporting open source projects and we’ll have the latest update on Syft: in-toto attestations.
Docker Desktop Extensions enable developers to seamlessly integrate their favorite OSS tools and power-up their build cycles. We’ll explore the latest additions including SBOM generation.
The most recent feature enhancement lets users avoid key management altogether using Sigstore’s “keyless” flow, where users use their identity in systems like GitHub or Google to sign content (like SBOMs in this case) in a way that others can verify.
Live discussion of supply chain security best practices with your fellow developers and security practitioners.
We’ll wrap up the planned content in an hour, but feel to stick around and continue the discussion or ask more questions.