Tag: security
- cosign Verification of npm Provenance, GitHub Artifact Attestations, and Homebrew Provenance
- Homebrew's Sigstore-powered provenance is in beta
- npm's Sigstore-powered provenance goes GA
- Sigstore Support in npm launches for Public Beta
- Cosign 2.0 Released!
- Cosign and Policy-controller with GKE, Artifact Registry and KMS
- Sigstore January Roundup
- Sigstore December Roundup
- Using Sigstore to meet FedRAMP Compliance at Autodesk
- How Sigstore quickly patched an upstream vulnerability
- Adopting Sigstore Incrementally
- Sigstore: Bring-your-own sTUF with TUF
- Spooky Updates for Sigstore!
- Sigstore project update — September 2021
- Sigstore Project Update — August 2021
- It’s ten o’clock, do you know where your private keys are?
- Cosign 1.0!
- Sigstore June Update!
- A New Kind of Trust Root
- The Update Framework and You
- How to Sign a Release of OSS
- Cosign Image Signatures
- Cosign — Signed Container Images
- SSH is the new GPG