SBOM

What is an SBOM (software bill of materials)?
A conceptual overview of SBOMs
How to Sign an SBOM with Cosign
Signing software bills of materials with Cosign
Rego Policies
Writing Rego-based policies for Sigstore Policy Controller
Getting Started with OpenVEX and vexctl
Using vexctl to manage vulnerability communications
What Makes a Good SBOM?
An explanation of what makes a good SBOM
How to Retrieve SBOMs for Chainguard Containers
How to get the SBOM for a container image: Chainguard provides a software bill of materials for every image, which you can retrieve with Cosign for complete supply chain transparency
What is OpenVEX?
A conceptual overview of OpenVEX