Free SBOM Generation Tool to be integrated by Docker, Inc.

Docker, Inc. plans to embed the ability to dynamically generate a software bill of materials (SBOM) using the Docker Build command that developers use to build Docker images. Company CEO Scott Johnston says existing SBOM tools can’t keep pace with the rate at which developers are ripping and replacing containers.

Atomist, a container vulnerability detection tool vendor that will be integrated with Docker Build, was recently bought by Docker Inc. The end goal is to gather SBOMs and evaluate them proactively so that businesses can accept or reject applications depending on the components being used. The integration of SBOM capabilities by Docker Inc. will make it easier for development teams to identify and fix problems. Read the full article.

Top Picks for you this week

Difference between Docker Image & Docker Container

When you understand how a container is created, you will be able to distinguish between images and containers with ease. You will now have a solid understanding of what a Docker image is, what a container is, and how they relate after reading this article. The life cycles of containers and images are different.

Kubernetes Zero Trust Model: Overview and Introduction

Zero Trust is a framework that, in addition to a change in culture, involves a variety of tools, processes, and technology to be effective. Every identity in the Zero Trust paradigm is assumed to be malicious until proven otherwise. The CNCF advises taking into account platform-based pod policies, network policies, packaging, and container image architecture when implementing zero trust in a Kubernetes context.

Important Events

[LIVE EVENT] How to Secure Kubernetes and Secrets Management | September 24, 11:30 AM–12:30 PM IST | Register NOW!

This session covers various security practices and pitfalls you should be aware of while running applications on any Kubernetes platform. It will also cover a few advanced topics like container runtime and Docker security. Some of the topics that will be discussed are as follows:

-Cluster Access and RBAC

-Network Security and Network Policy

-Pod/Container level security

-Multi-tenancy/Multi-teams

-Secret management and encryption

Kubernetes Monitoring, Alerting, and Auditing using DO Marketplace tools|October 29, 11:30 AM–12:30 PM IST | Register NOW

Career Opportunities

Business Development Manager-Cloud Solution Apply Now

RazorOps is looking for a highly talented sales manager to grow our SaaS business.

Kubernetes Developer and Admin Apply Now

RazorOps is looking for highly talented, hands-on Kubernetes developers to help accelerate our growing Professional Services consulting cloud and DevOps practice.

Senior Golang Developer Apply Now

We need a strong, battle-tested Golang developer with experience developing the Kubernetes operator SDK and runtime controller

Sponsored

PS- We are going to release newsletters every week, so don't forget to subscribe and share them with your network. We hope this newsletter has provided valuable information.