Garantir Blog

Check out the latest cybersecurity posts from Garantir on topics like key management, secure software development, code signing, privileged access management (PAM), and more.

Secure Container Signing with Cosign and PKCS#11

Over the past few years container adoption has grown rapidly. With it has grown the need to sign container images to help prevent supply chain attacks. The standards and tools to sign images have evolved over the years, and can still be a bit tricky to navigate for those new to container signing. This post will provide a brief background on some of the tools and standards, the pros and cons of each, and some best practices to follow when signing in your environment.

Read More »