Don't miss out! Join us at our next Flagship Conference: KubeCon + CloudNativeCon North America in Salt Lake City from November 12 - 15, 2024. Connect with our current graduated, incubating, and sandbox projects as the community gathers to further the education and advancement of cloud native computing. Learn more at [ Ссылка ]

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

With the rise in software supply chain attacks, stakeholders in the software industry become more interested in the supply chain security utilizing SBOM (Software Bill of Materials). This talk will focus on the SBOM integration between Harbor project and Aqua Trivy scanner. Currently, Harbor supports manually attaching SBOM artifacts to its subject image as an accessory. Leveraging OCI distribution-spec 1.1, SBOM can be auto-generated and auto-associated, which enhances the visibility of the software building process. Additionally, the SBOM scanning capability in Harbor will streamline vulnerability scanning by eliminating the procedure of repeatedly analyzing container images, making the scanning process more efficient. Furthermore, the new Harbor scanner pluggable spec provides compatibility and flexibility. This session will give a demo to show SBOM generation and SBOM scanning for vulnerabilities, providing practical insights for large-scale containers security management.

свернуть