The notary project is the cornerstone of the container security toolchain, used in many OCI registries and Docker engine to sign and validate your docker images. The first version of Notary based on the TUF framework had some bottlenecks as an example: Notary v1 didn’t allow signatures to move with the images, they were tightly bound to a single registry.
A complete re-design has been started and we now have the second prototype available to play with.
Throughout this talk, I aim to give you an overview of the Notary v2 project as well as a quick demo of the prototype made by the community behind the project.
DSC Germany
Discovery of Notary v2 the evolution of your container security toolchain
with Rachid Zarouali
play_circle
Sharefacebookmail_outlinelink
Description:
Tags:
Application Security
AppSec
Open Source Security
Security Transformation
About Rachid Zarouali
Rachid Zarouali is a Docker Captain, Community Leader, international speaker and trainer
In his previous roles as head of the infrastructure team for the French registry and C.I.O of a worldwide
recognized CRM and E-COMMERCE agency,
he recognized the need to bring the latest technology at a production level to businesses of all sizes and founded SevenSphere.
Through SevenSphere, Rachid offers training and consultancy for companies striving to dive into microservices container based infrastructure.
Husband and father, Rachid spends his spare time, participating in a number of OSS communities, teaching cloud computing architecture at a software engineering school.