Building a Secure Supply Chain with Docker

•

0 gefällt mir•435 views

Creating a Secure Supply Chain of images is vitally important. Every organization needs to weigh ALL options available and understand the security risks. With so many options for images, it is tough to pick the right ones or even to create your own. Ultimately, every organization needs to know the provenance of all the images. Then once the images are imported into the infrastructure, a vulnerability scan is vital. Docker Trusted Registry with Image Scanning will give organizations insight into any vulnerabilities. Better yet, its automated with a succinct audit trail, so you can still take that vacation you had planned and make your security team happy.

Technologie

Secure Supply Chain
Security Engineer - Docker inc.
Ashwini Oruganti
Solutions Architect - Docker inc.
Andy Clemenko

• Manual
• Cumbersome
• Multiple sources

Certified
Official
Community
IF?
Automated
Dockerfile
Makes Sense
Build Your Own

.gitlab-ci.yml
Dockerfile
app.py
flask.yml
static
templates

Image Promotion
! Promotes “blessed” images from one repository
to another
! Repositories each have their own access control
! Images can be re-tagged automatically to a new
tag
! Can be done “manually” or automatically by a
“policy”
dev /
qa /
staging /
prod /

Demo
git commit -sam "updated app.py” && git push

Workflow
Git CI
Build/Pull
Push
DTR
Private Repo
Scan/Promote

Workflow
Git CI
Build/Pull
Push
CI
Pull & Sign
DTR
Private Repo
Scan/Promote

Workflow
Git CI
Build/Pull
Push
CI
Pull & Sign
DTR
Private Repo
Scan/Promote
DTR
Public Repo

Docker EE
Hosted Demo
● Free 4 Hour Demo

● No Servers Required

● Full Docker EE
Cluster Access
docker.com/trial

https://success.docker.com
https://store.docker.com
Thank You!
@_ashfall_
@aclemenko

Empfohlen

Containerizing Hardware Accelerated ApplicationsDocker, Inc.

Docker ee an architecture and operations overviewDocker, Inc.

Use Docker to Deliver Cognitive Services Running Cross Platform and Multi Clo...Docker, Inc.

Building your production tech stack for docker container platformDocker, Inc.

Demystifying container connectivity with kubernetes in dockerDocker, Inc.

Learning the Alphabet: A/B, CD and [E-Z] in the Docker Datacenter by Brett Ti...Docker, Inc.

Considerations for operating docker at scaleDocker, Inc.

Packaging software for the distribution on the edgeDocker, Inc.

Empfohlen

Containerizing Hardware Accelerated ApplicationsDocker, Inc.

Docker ee an architecture and operations overviewDocker, Inc.

Use Docker to Deliver Cognitive Services Running Cross Platform and Multi Clo...Docker, Inc.

Building your production tech stack for docker container platformDocker, Inc.

Demystifying container connectivity with kubernetes in dockerDocker, Inc.

Learning the Alphabet: A/B, CD and [E-Z] in the Docker Datacenter by Brett Ti...Docker, Inc.

Considerations for operating docker at scaleDocker, Inc.

Packaging software for the distribution on the edgeDocker, Inc.

Troubleshooting tips from docker support engineersDocker, Inc.

The Complexity to "Yes" in Analytics Software and the Possibilities with Dock...Docker, Inc.

5 patterns for success for application transformationDocker, Inc.

Shipping and Shifting ~100 Apps with Docker EEDocker, Inc.

How to build your containerization strategyDocker, Inc.

Docker?!?! But I'm a SysAdminDocker, Inc.

DockerCon EU 2015: Placing a container on a train at 200mphDocker, Inc.

Accelerating the Next 10,000 Clouds by Michael Kadera, IntelDocker, Inc.

Docker Meetup at Docker HQ: Docker CloudDocker, Inc.

What's New in DockerDocker, Inc.

DCSF 19 Building Your Development Pipeline Docker, Inc.

DCEU 18: Docker Containers in a Serverless WorldDocker, Inc.

Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Docker, Inc.

Docker in Production, Look No Hands! by Scott CoultonDocker, Inc.

Docker Multi-arch All The ThingsDocker, Inc.

DCEU 18: State of the Docker EngineDocker, Inc.

Advanced Access Control with Docker EEDocker, Inc.

DockerCon SF 2015: Docker in the New York Times NewsroomDocker, Inc.

Chugging Our Own "Craft Brew” – HPE’s Journey Towards Containers-as-a-Service...Docker, Inc.

Building a Service Delivery Platform - JCICPH 2014Andreas Rehn

DCEU 18: Building Your Development PipelineDocker, Inc.

Gitlab ci, cncf.skJuraj Hantak

Weitere ähnliche Inhalte

Was ist angesagt?

Troubleshooting tips from docker support engineersDocker, Inc.

The Complexity to "Yes" in Analytics Software and the Possibilities with Dock...Docker, Inc.

5 patterns for success for application transformationDocker, Inc.

Shipping and Shifting ~100 Apps with Docker EEDocker, Inc.

How to build your containerization strategyDocker, Inc.

Docker?!?! But I'm a SysAdminDocker, Inc.

DockerCon EU 2015: Placing a container on a train at 200mphDocker, Inc.

Accelerating the Next 10,000 Clouds by Michael Kadera, IntelDocker, Inc.

Docker Meetup at Docker HQ: Docker CloudDocker, Inc.

What's New in DockerDocker, Inc.

DCSF 19 Building Your Development Pipeline Docker, Inc.

DCEU 18: Docker Containers in a Serverless WorldDocker, Inc.

Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Docker, Inc.

Docker in Production, Look No Hands! by Scott CoultonDocker, Inc.

Docker Multi-arch All The ThingsDocker, Inc.

DCEU 18: State of the Docker EngineDocker, Inc.

Advanced Access Control with Docker EEDocker, Inc.

DockerCon SF 2015: Docker in the New York Times NewsroomDocker, Inc.

Chugging Our Own "Craft Brew” – HPE’s Journey Towards Containers-as-a-Service...Docker, Inc.

Building a Service Delivery Platform - JCICPH 2014Andreas Rehn

Was ist angesagt? (20)

Troubleshooting tips from docker support engineers

The Complexity to "Yes" in Analytics Software and the Possibilities with Dock...

5 patterns for success for application transformation

Shipping and Shifting ~100 Apps with Docker EE

How to build your containerization strategy

Docker?!?! But I'm a SysAdmin

DockerCon EU 2015: Placing a container on a train at 200mph

Accelerating the Next 10,000 Clouds by Michael Kadera, Intel

Docker Meetup at Docker HQ: Docker Cloud

What's New in Docker

DCSF 19 Building Your Development Pipeline

DCEU 18: Docker Containers in a Serverless World

Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...

Docker in Production, Look No Hands! by Scott Coulton

Docker Multi-arch All The Things

DCEU 18: State of the Docker Engine

Advanced Access Control with Docker EE

DockerCon SF 2015: Docker in the New York Times Newsroom

Chugging Our Own "Craft Brew” – HPE’s Journey Towards Containers-as-a-Service...

Building a Service Delivery Platform - JCICPH 2014

Ähnlich wie Building a Secure Supply Chain with Docker

DCEU 18: Building Your Development PipelineDocker, Inc.

Gitlab ci, cncf.skJuraj Hantak

Docker e git labGianluca Padovani

Patterns & Antipatterns in Docker Image Lifecycleyoavl

Common primitives in Docker environmentsalexandru giurgiu

Setting up CI/CD pipeline with Kubernetes and Kublr step-by-stepOleg Chunikhin

Setting up CI/CD Pipeline with Kubernetes and Kublr step by-stepKublr

Deploy Angular to the Cloud (ngBucharest)Simona Cotin

PittsburgJUG_Cloud-Native Dev Tools: Bringing the cloud back to earthGrace Jansen

Production sec ops with kubernetes in dockerDocker, Inc.

Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Docker, Inc.

What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...Edureka!

Continuous Delivery, Continuous Integration Amazon Web Services

Deploying R for Production - SRUGHolger Hellebro

Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...Marc Müller

CICD_1670665418.pdfedsonJeancarloRuedaS

Jenkins vs GitLab CICEE-SEC(R)

Building Slack's internal developer platform as a product.pdfJavier Turégano Molina

Better Operations into the CloudFabio Ferrari

Continuos Integration and Delivery: from Zero to Hero with TeamCity, Docker a...Lean IT Consulting

Ähnlich wie Building a Secure Supply Chain with Docker (20)

DCEU 18: Building Your Development Pipeline

Gitlab ci, cncf.sk

Docker e git lab

Patterns & Antipatterns in Docker Image Lifecycle

Common primitives in Docker environments

Setting up CI/CD pipeline with Kubernetes and Kublr step-by-step

Setting up CI/CD Pipeline with Kubernetes and Kublr step by-step

Deploy Angular to the Cloud (ngBucharest)

PittsburgJUG_Cloud-Native Dev Tools: Bringing the cloud back to earth

Production sec ops with kubernetes in docker

Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...

What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...

Continuous Delivery, Continuous Integration

Deploying R for Production - SRUG

Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...

CICD_1670665418.pdf

Jenkins vs GitLab CI

Building Slack's internal developer platform as a product.pdf

Better Operations into the Cloud

Continuos Integration and Delivery: from Zero to Hero with TeamCity, Docker a...

Mehr von Docker, Inc.

Containerize Your Game Server for the Best Multiplayer Experience Docker, Inc.

How to Improve Your Image Builds Using Advance Docker BuildDocker, Inc.

Build & Deploy Multi-Container Applications to AWSDocker, Inc.

Securing Your Containerized Applications with NGINXDocker, Inc.

How To Build and Run Node Apps with Docker and ComposeDocker, Inc.

Hands-on Helm Docker, Inc.

Distributed Deep Learning with Docker at SalesforceDocker, Inc.

The First 10M Pulls: Building The Official Curl Image for Docker HubDocker, Inc.

Monitoring in a Microservices WorldDocker, Inc.

COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...Docker, Inc.

Predicting Space Weather with DockerDocker, Inc.

Become a Docker Power User With Microsoft Visual Studio CodeDocker, Inc.

How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.

Monolithic to Microservices + Docker = SDLC on Steroids!Docker, Inc.

Kubernetes at Datadog ScaleDocker, Inc.

Labels, Labels, Labels Docker, Inc.

Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelDocker, Inc.

Build & Deploy Multi-Container Applications to AWSDocker, Inc.

From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...Docker, Inc.

Developing with Docker for the Arm ArchitectureDocker, Inc.

Mehr von Docker, Inc. (20)

Containerize Your Game Server for the Best Multiplayer Experience

How to Improve Your Image Builds Using Advance Docker Build

Build & Deploy Multi-Container Applications to AWS

Securing Your Containerized Applications with NGINX

How To Build and Run Node Apps with Docker and Compose

Hands-on Helm

Distributed Deep Learning with Docker at Salesforce

The First 10M Pulls: Building The Official Curl Image for Docker Hub

Monitoring in a Microservices World

COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...

Predicting Space Weather with Docker

Become a Docker Power User With Microsoft Visual Studio Code

How to Use Mirroring and Caching to Optimize your Container Registry

Monolithic to Microservices + Docker = SDLC on Steroids!

Kubernetes at Datadog Scale

Labels, Labels, Labels

Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model

Build & Deploy Multi-Container Applications to AWS

From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...

Developing with Docker for the Arm Architecture

Kürzlich hochgeladen

My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar

Pigging Solutions Piggable Sweeping ElbowsPigging Solutions

Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst

Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies

Understanding the Laravel MVC ArchitecturePixlogix Infotech

Presentation on how to chat with PDF using ChatGPT code interpreternaman860154

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski

From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software

Install Stable Diffusion in windows machinePadma Pradeep

Slack Application Development 101 Slidespraypatel2

Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix

[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745

Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent

The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los

Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies

Key Features Of Token Development (1).pptxLBM Solutions

How to convert PDF to text with Nanonetsnaman860154

Pigging Solutions in Pet Food ManufacturingPigging Solutions

Kürzlich hochgeladen (20)

My Hashitalk Indonesia April 2024 Presentation

Pigging Solutions Piggable Sweeping Elbows

Human Factors of XR: Using Human Factors to Design XR Systems

Factors to Consider When Choosing Accounts Payable Services Providers.pptx

Understanding the Laravel MVC Architecture

Presentation on how to chat with PDF using ChatGPT code interpreter

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Install Stable Diffusion in windows machine

Slack Application Development 101 Slides

Swan(sea) Song – personal research during my six years at Swansea ... and bey...

[2024]Digital Global Overview Report 2024 Meltwater.pdf

Azure Monitor & Application Insight to monitor Infrastructure & Application

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Benefits Of Flutter Compared To Other Frameworks

Key Features Of Token Development (1).pptx

How to convert PDF to text with Nanonets

Pigging Solutions in Pet Food Manufacturing

Building a Secure Supply Chain with Docker

1. Secure Supply Chain Security Engineer - Docker inc. Ashwini Oruganti Solutions Architect - Docker inc. Andy Clemenko

5. Docker EE Signing Scanning Promotion

6. • Manual • Cumbersome • Multiple sources

7. Legos?

8. Fire?

9. Starting points store.docker.com

10.

11. Certified Official Community IF? Automated Dockerfile Makes Sense Build Your Own

12.

13. .gitlab-ci.yml Dockerfile app.py flask.yml static templates

14. Automated builds

15. Docker EE Signing Scanning Promotion

16. Developer or CI Trusted Registry

17.

18.

19.

20. 321

21. docker trust

22. Demo Signing Policy + docker trust

23. Docker EE Signing Scanning Promotion

24.

25. Docker EE Signing Scanning Promotion

26. Image Promotion ! Promotes “blessed” images from one repository to another ! Repositories each have their own access control ! Images can be re-tagged automatically to a new tag ! Can be done “manually” or automatically by a “policy” dev / qa / staging / prod /

27. Demo git commit -sam "updated app.py” && git push

28. Workflow Git

29. Workflow Git CI Build/Pull Push

30. Workflow Git CI Build/Pull Push DTR Private Repo Scan/Promote

31. Workflow Git CI Build/Pull Push CI Pull & Sign DTR Private Repo Scan/Promote

32. Workflow Git CI Build/Pull Push CI Pull & Sign DTR Private Repo Scan/Promote DTR Public Repo

33. Docker EE Hosted Demo ● Free 4 Hour Demo ● No Servers Required ● Full Docker EE Cluster Access docker.com/trial

34. https://success.docker.com https://store.docker.com Thank You! @_ashfall_ @aclemenko