Join us for a hands-on workshop in collaboration with Chainguard - safe source for open source

Hands-on workshop where we will discuss the software supply chain and how to minimize CVEs.
We start with a theoretical discussion how Chainguard achieves zero CVE images and how organisations can use them.
The second part is a deeper dive into scanners, how they can be tricked, SBOMs and how to achieve provenance.

We have a limited number of seats for this workshop, so make sure you sign up!

Pre reqs

Ensure you have the following tools available on your laptop in order to participate in the workshop. We strongly recommend testing this before arriving at the venue as there will be no time allocated to setup and installation during the workshop.

• bash >4 - Some scripts require declare -A

• docker

• git

• trivy - Vulnerability scanner

• grype - Vulnerability scanner

• syft - SBOM generator

• cosign - Supply chain security tool

• jq - JSON processor