Procedural
Disallowing Privileged Pods
Using Policy Controller to prevent running privileged pods
Disallowing Run as Root UserUsing Policy Controller to prevent running pods as root
Maximum Container Image AgeMaximum container image age with Policy Controller
Disallowing Unsafe sysctlsUse Policy Controller to limit pods to safe sysctls
Verify Signed Chainguard ImagesUsing Policy Controller to Verify Signed Chainguard Images
How to Verify File Signatures with CosignUse Cosign to verify non-container software artifacts
How to Set Up Pull Through from Chainguard Registry to ArtifactoryTutorial outlining how to set up a remote Artifactory repository to pull Images through from the Chainguard Registry.