Conceptual

Chainguard Glossary
Software supply chain security vocabulary
Verified Organizations
An overview of how to verify your organization and the implications
What is OpenVex?
A conceptual overview of OpenVex
False Positives and False Negatives with Container Images Scanners
An overview of the formation of false positive and false negative vulnerability results in container image scanners
The Differences between SBOMs and Attestations
An overview of the differences between attestations and SBOMs
What is SLSA?
A conceptual overview of SLSA
What is the Open Container Initiative?
The Open Container Initiative (OCI) is a Linux Foundation project dedicated to managing specifications and projects related to the storage, distribution, and execution of container images.