You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Software Bill of Materials (SBOM) provides insights of the components involved, a bit like a nested ingredient list and signed images enables the user to verify that the image actually contains what it clams to.
I've noticed that other images within the Cilium project are signed by cosign and I believe it would provide good value from a security perspective to be able to validate the images, although I couldn't find such signatures from the Hubble images.
Software Bill of Materials (SBOM) provides insights of the components involved, a bit like a nested ingredient list and signed images enables the user to verify that the image actually contains what it clams to.
I've noticed that other images within the Cilium project are signed by cosign and I believe it would provide good value from a security perspective to be able to validate the images, although I couldn't find such signatures from the Hubble images.
See here for more information:
https://docs.cilium.io/en/stable/configuration/verify-image-signatures/#verify-signed-container-images
cilium/cilium#21918
The text was updated successfully, but these errors were encountered: