In our BinAuthz webinar, Sandra Guo (Google) and Tomas Gonzalez (Synopsys) explain Black Duck’s role in the software signing process. Available on demand.
Containers and Kubernetes have changed the way organizations develop and deploy applications. But with increased agility comes increased risk. The last thing any company wants is to deploy software from unknown sources or with known vulnerabilities.
Binary Authorization (BinAuthz) together with Google Kubernetes Engine (GKE) allows you to “sign” software as it moves through the software supply chain. This way, you can ensure that no software goes to production till you approve it. In this webinar, Sandra Guo from Google and Tomas Gonzalez from Synopsys discuss the role that Black Duck software composition analysis plays in this signing process. They also demonstrate how Black Duck SCA, as part of a Cloud Build workflow, can attest to the security and license compliance of a software offering, so you can deploy with confidence.
Who: Sandra Guo, product manager, Google; Tomas Gonzalez, technical alliances manager, Synopsys