sget
-
Getting hands on with Sigstore Cosign on AWS
Jan 31, 2023 | 13 minute read
Getting hands on with Sigstore Cosign on AWS I am currently putting together some content around how you can use a number of open source tools to help build a stronger defence against common software supply chain attacks. In this blog post, I look at emerging tools from Sigstore, and focus in this post on Cosign, a tool that supports container image signing, verification, and storage in an Open Container Initiative (OCI) registry.