Send us a text

Josh walks us through the powerful combination of open-source CNCF projects that address different aspects of container supply chain security. Learn how Trivy scans for vulnerabilities, Copasetic performs targeted patching when base image updates aren't possible, Notation provides digital signatures to verify trust, and Ratify enforces security policies at deployment time. Together, these tools create a comprehensive approach to securing containers from build to runtime.

Ready to strengthen your container security posture? Listen now and discover how these tools can integrate into your existing workflows. Remember to follow us on social media to stay updated with more insights from community experts and share your thoughts on this episode!