Free SBOM Generation Tool to be integrated by Docker, Inc.
Docker, Inc. plans to embed the ability to dynamically generate a software bill of materials (SBOM) using the Docker Build command that developers use to build Docker images. Company CEO Scott Johnston says existing SBOM tools can’t keep pace with the rate at which developers are ripping and replacing containers.
Atomist, a container vulnerability detection tool vendor that will be integrated with Docker Build, was recently bought by Docker Inc. The end goal is to gather SBOMs and evaluate them proactively so that businesses can accept or reject applications depending on the components being used. The integration of SBOM capabilities by Docker Inc. will make it easier for development teams to identify and fix problems. Read the full article.
Top Picks for you this week
When you understand how a container is created, you will be able to distinguish between images and containers with ease. You will now have a solid understanding of what a Docker image is, what a container is, and how they relate after reading this article. The life cycles of containers and images are different.
Zero Trust is a framework that, in addition to a change in culture, involves a variety of tools, processes, and technology to be effective. Every identity in the Zero Trust paradigm is assumed to be malicious until proven otherwise. The CNCF advises taking into account platform-based pod policies, network policies, packaging, and container image architecture when implementing zero trust in a Kubernetes context.
This session covers various security practices and pitfalls you should be aware of while running applications on any Kubernetes platform. It will also cover a few advanced topics like container runtime and Docker security. Some of the topics that will be discussed are as follows:
-Cluster Access and RBAC
-Network Security and Network Policy
-Pod/Container level security
-Secret management and encryption
Business Development Manager-Cloud Solution Apply Now
RazorOps is looking for a highly talented sales manager to grow our SaaS business.
Kubernetes Developer and Admin Apply Now
RazorOps is looking for highly talented, hands-on Kubernetes developers to help accelerate our growing Professional Services consulting cloud and DevOps practice.
Senior Golang Developer Apply Now
We need a strong, battle-tested Golang developer with experience developing the Kubernetes operator SDK and runtime controller
PS- We are going to release newsletters every week, so don't forget to subscribe and share them with your network. We hope this newsletter has provided valuable information.