Tag: cosign

• cosign Verification of npm Provenance, GitHub Artifact Attestations, and Homebrew Provenance
• Sigstore Announcement: New TUF Trust Root and Client Compatibility
• Sigstore Announcement: No Longer Publishing Cosign Releases to GCS Bucket
• Announcing the Sigstore Clients Special Interest Group (sig-clients)
• Bringing Privacy and Security Full Circle Through Automated Authentication
• Cosign 2.0 Released!
• Cosign and Policy-controller with GKE, Artifact Registry and KMS
• How to become the next Sigstore Evangelist?
• Securing Your Software Supply Chain Without Changing Your DevOps Workflow
• New Sigstore Landscape: Add your signed project
• A New Look for Sigstore
• Verify cosign signatures in go using sigstore/sigstore
• How to verify container images with Kyverno using KMS, Cosign, and Workload Identity
• Don’t Panic: A Playbook for Handling Account Compromise with Sigstore