Beginner

Container Supply Chain Security Essentials

Learning Path: Container Security
Ideal for: Developer, DevOps, Security Engineer
5 Hours, 9 Lessons, 6 Cloud Labs

Supply chains are a key part of managing software projects at scale. This course takes a hands-on approach to the tools, workloads, and methods used to manage even the most complex container supply chains.

We'll start by learning about the problems with container supply chains and how to establish trust in them. Next, we'll use hands-on labs to generate and manage container Software Bills of Materials (SBOMs). To do this, we'll use tools like Syft to generate the SBOM, and Grype to scan the SBOM for vulnerabilities.

We'll also cover trojanized container problems and container image provenance, and explore Project Sigstore. Here, you'll learn how to use Cosign, Rekor, and Fulcio to maintain a secure software supply chain at every step of the process.


Labs

ImageTragick

Syft and Grype

Cosign

Cosign with Blob

Keyless signing

Keyless signing with GitHub Actions


Copyright AppSecEngineer © 2023