all InfoSec news
Docker's BuildKit adds SBOM attestation capabilities: How they work — and key limitations
Malware Analysis, News and Indicators - Latest topics malware.news
Docker added support for build-time attestations and software bills of materials (SBOM) in its BuildKit tool earlier this year, giving development teams a way to maintain a complete record of the build process for each image and the software components within it.
BuildKit, Docker's build engine for building container images, is an improvement over the company's legacy, script-based Dockerfile build engine. Docker claims that the tool improves build performance and the reusability of Dockerfiles.
While these features are vital …
attestation bills build buildkit capabilities claims container container images development docker engine features images improvement key legacy performance process sbom script security software software components software supply chain software supply chain security supply supply chain supply chain security support teams the company tool work