#SBOM

1 post

Docker Advanced #4: SBOM and Signing — The Entry to Supply Chain Security
7 min read

Generate a machine-readable software bill of materials (SBOM) listing what is in an image, and verify who built it with a cosign signature. Together these form the supply chain security toolkit that became standard after the xz incident.