Distributing Supply Chain Artifacts with OCI & ORAS Artifacts - Steve Lasker, Microsoft

less than 1 minute read

Abstract

In a world of continuous supply chain attacks, secure distribution matters more than ever. Your images are now signed, with systems bill of materials (SBOM) and frequent scan results. How will you consume them from public endpoints, promoting them across environments into private network environments where there’s no external access? ORAS Artifacts lifts OCI Artifacts to the next level by enabling graphs of artifact relationships to be established. When you archive or delete any given container image, the related artifacts are archived or deleted as well, providing predictable lifecycle management. ORAS Artifacts enable you to build upon the hardened, performant, securely distributed registries you’re already using. Come see how registries are evolving, enabling all your cloud-native artifacts to be distributed from the public registries to your private environments, wherever they may be.Click here to view captioning/translation in the MeetingPlay platform!

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

Distributing Supply Chain Artifacts with OCI & ORAS Artifacts - Steve Lasker, Microsoft

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google