Beginner

Container Supply Chain Security Essentials

Use Coupon 'SKILLSURGE15' to get 15% Off Individual Pro and Pro Plus Annual Plans
Learning Path
Container Security
Ideal for
Developer
DevOps
Security Engineer
5
Hours
9
Lessons
6
Cloud Labs

Supply chains are a key part of managing software projects at scale. This course will take a hands-on focus on tools, workloads, and methods to manage even the most complex Container supply chains.

We'll start by learning about the problems with container supply chains, and establishing trust in the supply chains. Next, we'll use hands-on labs to generate and manage Container Software Bill of Materials (SBOM). To do this, we'll use tools like Syft to generate the SBOM, and Grype to scan the SBOM for vulnerabilities.

We'll also trojanizing container problems, container image provenance, and explore Project Sigstore. Here, you'll learn how to use Cosign, Rekor, and Fulcio to maintain a secure software supply chain at every step of the process.

You might also like these courses

Or explore these Learning Paths

Labs

ImageTragick

Syft and grype

Cosign

Cosign with Blob

Kyeless signing

Keyless signing github actions

Hands-on. Defensive. Bleeding-Edge.

There's no other training platform that does all three. Except AppSecEngineer.
Get Our Newsletter
Get Started
X
FOLLOW APPSECENGINEER
CONTACT

Contact Support

help@appsecengineer.com

1603 Capitol Avenue,
Suite 413A #2898,
Cheyenne, Wyoming 82001,
United States

Copyright AppSecEngineer © 2023