Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

less than 1 minute read

Abstract

With the rise in software supply chain attacks, stakeholders in the software industry become more interested in the supply chain security utilizing SBOM (Software Bill of Materials). This talk will focus on the SBOM integration between Harbor project and Aqua Trivy scanner. Currently, Harbor supports manually attaching SBOM artifacts to its subject image as an accessory. Leveraging OCI distribution-spec 1.1, SBOM can be auto-generated and auto-associated, which enhances the visibility of the software building process. Additionally, the SBOM scanning capability in Harbor will streamline vulnerability scanning by eliminating the procedure of repeatedly analyzing container images, making the scanning process more efficient. Furthermore, the new Harbor scanner pluggable spec provides compatibility and flexibility. This session will give a demo to show SBOM generation and SBOM scanning for vulnerabilities, providing practical insights for large-scale containers security management.

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google

Kubernetes Security Blind Spot: Misconfigured System Pods - Shaul Ben Hai, Palo Alto Networks