In this video, we dive into the world of SBOM (Software Bill of Materials) creation and image scanning to help you ace your CKS certification. Here's what you'll learn:
1️⃣ Introduction to SBOM: Understand its importance in supply chain security.
2️⃣ Creating SBOMs:
- Generate an SPDX-format SBOM for the controller manager image using the BOM CLI.
- Create a CycloneDX-format SBOM with Trivy.
3️⃣ Reading SBOMs: Learn how to interpret SBOMs using Trivy.
4️⃣ Image Scanning with Trivy: Step-by-step demo of scanning images for vulnerabilities.
5️⃣ Integrating SBOM in CI/CD Pipelines: Real-world example using GitHub Actions.
🛠️ All commands & examples: https://github.com/kubesimplify/cks-certification/tree/main/sbom
🔗 Trivy: https://github.com/aquasecurity/trivy
🔗 BOM CLI: https://github.com/kubernetes-sigs/bom
Full CKS playlist - https://youtube.com/playlist?list=PL5uLNcv9SibBu_KgCL-OSHzFFzlafKm6F&si=JBgA2As4eD-HAqIs
This video is part of the CKS Certification Exam Scenario Series to help you master real-world Kubernetes security scenarios.