Building a Secure Supply Chain with Docker

0 likes463 views

The document details a presentation by Ashwini Oruganti and Andy Clemenko on Docker Inc.'s Docker EE signing and scanning promotion processes, which emphasize improved automation over manual and cumbersome methods. It outlines workflows for developers, including automatic image promotion and access control for repositories. It also mentions a free demo of Docker EE hosted services available on their website.

Technology

Secure Supply Chain
Security Engineer - Docker inc.
Ashwini Oruganti
Solutions Architect - Docker inc.
Andy Clemenko

Building a Secure Supply Chain with Docker

• Manual
• Cumbersome
• Multiple sources

Certified
Official
Community
IF?
Automated
Dockerfile
Makes Sense
Build Your Own

.gitlab-ci.yml
Dockerfile
app.py
flask.yml
static
templates

Image Promotion
! Promotes “blessed” images from one repository
to another
! Repositories each have their own access control
! Images can be re-tagged automatically to a new
tag
! Can be done “manually” or automatically by a
“policy”
dev /
qa /
staging /
prod /

Demo
git commit -sam "updated app.py” && git push

Workflow
Git CI
Build/Pull
Push
DTR
Private Repo
Scan/Promote

Workflow
Git CI
Build/Pull
Push
CI
Pull & Sign
DTR
Private Repo
Scan/Promote

Workflow
Git CI
Build/Pull
Push
CI
Pull & Sign
DTR
Private Repo
Scan/Promote
DTR
Public Repo

Docker EE
Hosted Demo
● Free 4 Hour Demo

● No Servers Required

● Full Docker EE
Cluster Access
docker.com/trial

https://success.docker.com
https://store.docker.com
Thank You!
@_ashfall_
@aclemenko

More Related Content

What's hot (20)

PDF

Troubleshooting tips from docker support engineersDocker, Inc.

PDF

The Complexity to "Yes" in Analytics Software and the Possibilities with Dock...Docker, Inc.

PDF

5 patterns for success for application transformationDocker, Inc.

PDF

Shipping and Shifting ~100 Apps with Docker EEDocker, Inc.

PDF

How to build your containerization strategyDocker, Inc.

PDF

Docker?!?! But I'm a SysAdminDocker, Inc.

PPTX

DockerCon EU 2015: Placing a container on a train at 200mphDocker, Inc.

PPTX

Accelerating the Next 10,000 Clouds by Michael Kadera, IntelDocker, Inc.

PDF

Docker Meetup at Docker HQ: Docker CloudDocker, Inc.

PDF

What's New in DockerDocker, Inc.

PDF

DCSF 19 Building Your Development Pipeline Docker, Inc.

PDF

DCEU 18: Docker Containers in a Serverless WorldDocker, Inc.

PDF

Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Docker, Inc.

PDF

Docker in Production, Look No Hands! by Scott CoultonDocker, Inc.

PDF

Docker Multi-arch All The ThingsDocker, Inc.

PDF

DCEU 18: State of the Docker EngineDocker, Inc.

PDF

Advanced Access Control with Docker EEDocker, Inc.

PDF

DockerCon SF 2015: Docker in the New York Times NewsroomDocker, Inc.

PPTX

Chugging Our Own "Craft Brew” – HPE’s Journey Towards Containers-as-a-Service...Docker, Inc.

PDF

Building a Service Delivery Platform - JCICPH 2014Andreas Rehn

Troubleshooting tips from docker support engineersDocker, Inc.

The Complexity to "Yes" in Analytics Software and the Possibilities with Dock...Docker, Inc.

5 patterns for success for application transformationDocker, Inc.

Shipping and Shifting ~100 Apps with Docker EEDocker, Inc.

How to build your containerization strategyDocker, Inc.

Docker?!?! But I'm a SysAdminDocker, Inc.

DockerCon EU 2015: Placing a container on a train at 200mphDocker, Inc.

Accelerating the Next 10,000 Clouds by Michael Kadera, IntelDocker, Inc.

Docker Meetup at Docker HQ: Docker CloudDocker, Inc.

What's New in DockerDocker, Inc.

DCSF 19 Building Your Development Pipeline Docker, Inc.

DCEU 18: Docker Containers in a Serverless WorldDocker, Inc.

Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Docker, Inc.

Docker in Production, Look No Hands! by Scott CoultonDocker, Inc.

Docker Multi-arch All The ThingsDocker, Inc.

DCEU 18: State of the Docker EngineDocker, Inc.

Advanced Access Control with Docker EEDocker, Inc.

DockerCon SF 2015: Docker in the New York Times NewsroomDocker, Inc.

Chugging Our Own "Craft Brew” – HPE’s Journey Towards Containers-as-a-Service...Docker, Inc.

Building a Service Delivery Platform - JCICPH 2014Andreas Rehn

Similar to Building a Secure Supply Chain with Docker (20)

PPTX

Start tracking your ruby infrastructureSergiy Kukunin

PPTX

Docker Security workshop slidesDocker, Inc.

PDF

Docker for developersandrzejsydor

PDF

Building a Secure App with Docker - Ying Li and David Lawrence, DockerDocker, Inc.

PDF

Docker Security Deep Dive by Ying Li and David LawrenceDocker, Inc.

PDF

Docker Enterprise Edition Overview by Steven Thwaites, Technical Solutions En...Ashnikbiz

PDF

Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...Docker, Inc.

PDF

DCSF 19 Docker Enterprise Platform and ArchitectureDocker, Inc.

PPTX

Docker Timisoara: Dockercon19 recap slides, 23 may 2019Radulescu Adina-Valentina

PPTX

Docker Roadshow 2016Docker, Inc.

PDF

Introduction to Docker, Devops Virtualization and configuration managementAbhinShyam1

PDF

Dockercon EU 2014Rafe Colton

PDF

Accelerate your software development with DockerAndrey Hristov

PPTX

Accelerate your development with DockerAndrey Hristov

PPTX

The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...Docker, Inc.

PPTX

Docker Starter PackSaeed Hajizade

PDF

[@NaukriEngineering] Docker 101Naukri.com

PDF

Docker on DockerDocker, Inc.

PDF

Использование Docker в CI / Александр Акбашев (HERE Technologies)Ontico

PPTX

Docker Overview - AWS Tech Connect - Seattle 10/28Mike Coleman

Start tracking your ruby infrastructureSergiy Kukunin

Docker Security workshop slidesDocker, Inc.

Docker for developersandrzejsydor

Building a Secure App with Docker - Ying Li and David Lawrence, DockerDocker, Inc.

Docker Security Deep Dive by Ying Li and David LawrenceDocker, Inc.

Docker Enterprise Edition Overview by Steven Thwaites, Technical Solutions En...Ashnikbiz

Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...Docker, Inc.

DCSF 19 Docker Enterprise Platform and ArchitectureDocker, Inc.

Docker Timisoara: Dockercon19 recap slides, 23 may 2019Radulescu Adina-Valentina

Docker Roadshow 2016Docker, Inc.

Introduction to Docker, Devops Virtualization and configuration managementAbhinShyam1

Dockercon EU 2014Rafe Colton

Accelerate your software development with DockerAndrey Hristov

Accelerate your development with DockerAndrey Hristov

The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...Docker, Inc.

Docker Starter PackSaeed Hajizade

[@NaukriEngineering] Docker 101Naukri.com

Docker on DockerDocker, Inc.

Использование Docker в CI / Александр Акбашев (HERE Technologies)Ontico

Docker Overview - AWS Tech Connect - Seattle 10/28Mike Coleman

More from Docker, Inc. (20)

PDF

Containerize Your Game Server for the Best Multiplayer Experience Docker, Inc.

PDF

How to Improve Your Image Builds Using Advance Docker BuildDocker, Inc.

PDF

Build & Deploy Multi-Container Applications to AWSDocker, Inc.

PDF

Securing Your Containerized Applications with NGINXDocker, Inc.

PDF

How To Build and Run Node Apps with Docker and ComposeDocker, Inc.

PDF

Hands-on Helm Docker, Inc.

PDF

Distributed Deep Learning with Docker at SalesforceDocker, Inc.

PDF

The First 10M Pulls: Building The Official Curl Image for Docker HubDocker, Inc.

PDF

Monitoring in a Microservices WorldDocker, Inc.

PDF

COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...Docker, Inc.

PDF

Predicting Space Weather with DockerDocker, Inc.

PDF

Become a Docker Power User With Microsoft Visual Studio CodeDocker, Inc.

PDF

How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.

PDF

Monolithic to Microservices + Docker = SDLC on Steroids!Docker, Inc.

PDF

Kubernetes at Datadog ScaleDocker, Inc.

PDF

Labels, Labels, Labels Docker, Inc.

PDF

Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelDocker, Inc.

PDF

Build & Deploy Multi-Container Applications to AWSDocker, Inc.

PDF

From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...Docker, Inc.

PDF

Developing with Docker for the Arm ArchitectureDocker, Inc.

Containerize Your Game Server for the Best Multiplayer Experience Docker, Inc.

How to Improve Your Image Builds Using Advance Docker BuildDocker, Inc.

Build & Deploy Multi-Container Applications to AWSDocker, Inc.

Securing Your Containerized Applications with NGINXDocker, Inc.

How To Build and Run Node Apps with Docker and ComposeDocker, Inc.

Hands-on Helm Docker, Inc.

Distributed Deep Learning with Docker at SalesforceDocker, Inc.

The First 10M Pulls: Building The Official Curl Image for Docker HubDocker, Inc.

Monitoring in a Microservices WorldDocker, Inc.

COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...Docker, Inc.

Predicting Space Weather with DockerDocker, Inc.

Become a Docker Power User With Microsoft Visual Studio CodeDocker, Inc.

How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.

Monolithic to Microservices + Docker = SDLC on Steroids!Docker, Inc.

Kubernetes at Datadog ScaleDocker, Inc.

Labels, Labels, Labels Docker, Inc.

Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelDocker, Inc.

Build & Deploy Multi-Container Applications to AWSDocker, Inc.

From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...Docker, Inc.

Developing with Docker for the Arm ArchitectureDocker, Inc.

Recently uploaded (20)

PPTX

MuleSoft MCP Support (Model Context Protocol) and Use Case Demoshyamraj55

PPTX

Future Tech Innovations 2025 – A TechLists InsightTechLists

PDF

Agentic AI lifecycle for Enterprise Hyper-AutomationDebmalya Biswas

PDF

Staying Human in a Machine- Accelerated WorldCatalin Jora

PPTX

The Project Compass - GDG on Campus MSITdscmsitkol

PDF

What’s my job again? Slides from Mark Simos talk at 2025 Tampa BSidesMark Simos

PDF

The Rise of AI and IoT in Mobile App Tech.pdfIMG Global Infotech

PDF

Future-Proof or Fall Behind? 10 Tech Trends You Can’t Afford to Ignore in 2025DIGITALCONFEX

PDF

“Voice Interfaces on a Budget: Building Real-time Speech Recognition on Low-c...Edge AI and Vision Alliance

PDF

“NPU IP Hardware Shaped Through Software and Use-case Analysis,” a Presentati...Edge AI and Vision Alliance

PDF

The 2025 InfraRed Report - Redpoint VenturesRazin Mustafiz

PDF

UPDF - AI PDF Editor & Converter Key FeaturesDealFuel

PDF

Automating Feature Enrichment and Station Creation in Natural Gas Utility Net...Safe Software

PDF

Go Concurrency Real-World Patterns, Pitfalls, and Playground Battles.pdfEmily Achieng

PPTX

Mastering ODC + Okta Configuration - Chennai OSUGHathiMaryA

PDF

“Squinting Vision Pipelines: Detecting and Correcting Errors in Vision Models...Edge AI and Vision Alliance

PDF

AI Agents in the Cloud: The Rise of Agentic Cloud ArchitectureLilly Gracia

PPTX

New ThousandEyes Product Innovations: Cisco Live June 2025ThousandEyes

PDF

Peak of Data & AI Encore AI-Enhanced Workflows for the Real WorldSafe Software

PDF

Newgen Beyond Frankenstein_Build vs Buy_Digital_version.pdfdarshakparmar

MuleSoft MCP Support (Model Context Protocol) and Use Case Demoshyamraj55

Future Tech Innovations 2025 – A TechLists InsightTechLists

Agentic AI lifecycle for Enterprise Hyper-AutomationDebmalya Biswas

Staying Human in a Machine- Accelerated WorldCatalin Jora

The Project Compass - GDG on Campus MSITdscmsitkol

What’s my job again? Slides from Mark Simos talk at 2025 Tampa BSidesMark Simos

The Rise of AI and IoT in Mobile App Tech.pdfIMG Global Infotech

Future-Proof or Fall Behind? 10 Tech Trends You Can’t Afford to Ignore in 2025DIGITALCONFEX

“Voice Interfaces on a Budget: Building Real-time Speech Recognition on Low-c...Edge AI and Vision Alliance

“NPU IP Hardware Shaped Through Software and Use-case Analysis,” a Presentati...Edge AI and Vision Alliance

The 2025 InfraRed Report - Redpoint VenturesRazin Mustafiz

UPDF - AI PDF Editor & Converter Key FeaturesDealFuel

Automating Feature Enrichment and Station Creation in Natural Gas Utility Net...Safe Software

Go Concurrency Real-World Patterns, Pitfalls, and Playground Battles.pdfEmily Achieng

Mastering ODC + Okta Configuration - Chennai OSUGHathiMaryA

“Squinting Vision Pipelines: Detecting and Correcting Errors in Vision Models...Edge AI and Vision Alliance

AI Agents in the Cloud: The Rise of Agentic Cloud ArchitectureLilly Gracia

New ThousandEyes Product Innovations: Cisco Live June 2025ThousandEyes

Peak of Data & AI Encore AI-Enhanced Workflows for the Real WorldSafe Software

Newgen Beyond Frankenstein_Build vs Buy_Digital_version.pdfdarshakparmar

Building a Secure Supply Chain with Docker

1. Secure Supply Chain Security Engineer - Docker inc. Ashwini Oruganti Solutions Architect - Docker inc. Andy Clemenko

5. Docker EE Signing Scanning Promotion

6. • Manual • Cumbersome • Multiple sources

7. Legos?

8. Fire?

9. Starting points store.docker.com

11. Certified Official Community IF? Automated Dockerfile Makes Sense Build Your Own

13. .gitlab-ci.yml Dockerfile app.py flask.yml static templates

14. Automated builds

15. Docker EE Signing Scanning Promotion

16. Developer or CI Trusted Registry

20. 321

21. docker trust

22. Demo Signing Policy + docker trust

23. Docker EE Signing Scanning Promotion

25. Docker EE Signing Scanning Promotion

26. Image Promotion ! Promotes “blessed” images from one repository to another ! Repositories each have their own access control ! Images can be re-tagged automatically to a new tag ! Can be done “manually” or automatically by a “policy” dev / qa / staging / prod /

27. Demo git commit -sam "updated app.py” && git push

28. Workflow Git

29. Workflow Git CI Build/Pull Push

30. Workflow Git CI Build/Pull Push DTR Private Repo Scan/Promote

31. Workflow Git CI Build/Pull Push CI Pull & Sign DTR Private Repo Scan/Promote

32. Workflow Git CI Build/Pull Push CI Pull & Sign DTR Private Repo Scan/Promote DTR Public Repo

33. Docker EE Hosted Demo ● Free 4 Hour Demo ● No Servers Required ● Full Docker EE Cluster Access docker.com/trial

34. https://success.docker.com https://store.docker.com Thank You! @_ashfall_ @aclemenko