Conceptual
The Differences between SBOMs and Attestations
An overview of the differences between attestations and SBOMs
What is SLSA?A conceptual overview of SLSA
Using Grype to Scan Container Images for VulnerabilitiesLearn to use Grype to detect CVEs in images
Migrating Dockerfiles to Chainguard ImagesGuidance on how to migrate existing Dockerfile workloads to use Chainguard Images
What is the Open Container Initiative?The Open Container Initiative (OCI) is a Linux Foundation project dedicated to managing specifications and projects related to the storage, distribution, and execution of container images.
Using Trivy to Scan Software ArtifactsLearn to use Trivy to analyze container images and other software artifacts for a variety of issues
What are OCI Artifacts?OCI artifacts are a way of using OCI registries, or container registries that are compliant with specifications set by the Open Container Initiative, to store arbitrary files.