Skip to content

Docker: Secure Software Supply Chain, Part One​

Published on

In this two-part module, we explain container image signing and vulnerability scanning, the threats that exist in the build pipeline without image signing and third-party/open-source image vulnerability scanning, how to perform image signing for Docker containers using Docker Content Trust, how to execute third-party/open-source vulnerability scanning for Docker containers and explore the available container vulnerability scanning tools.