© 2022 Anchore, Inc. All rights reserved. | Legal
September 1, 2021
Using Open Source to Start Securing Your Software Supply Chain: Sigstore, Syft & Grype
Topics For This One Hour Meetup
Join us on September 1 for the next Anchore virtual open source meetup where developers and security practitioners will share their tips, tricks and lessons learned on securing containers. This session will focus on using open source tools, including Sigstore, Syft, and Grype to improve your software supply chain security.
Anchore Open Source Meetup
11 am - 12 pm PT | 2 pm - 3 pm ET
I’ll provide an overview of Sigstore and discuss how it can improve supply chain security. Plus you’ll see a demo on how to use Sigstore along with Syft to improve the security posture of your containers.
Dan Lorenc
Software Engineer
Google
You’ll see a live demonstration on how to use Grype’s JSON output to explore, understand, and triage your vulnerability analyses. I’ll also cover how to leverage Grype’s templating feature to deliver data to workflows in any format.
Live discussion of container security best practices with your fellow developers and security practitioners.
We’ll wrap up the planned content in an hour, but feel to stick around and continue the discussion or ask more questions.
Dan Luhring
Engineering Manager
Anchore