What is an SBOM (software bill of materials)?
A conceptual overview of SBOMs
How to Sign an SBOM with Cosign
Signing software bills of materials with Cosign
How to Retrieve SBOMs for Chainguard Images
A brief tutorial on how to use Cosign to retrieve Chainguard Image SBOMs.
Rego Policies
Writing Rego-based policies for Sigstore Policy Controller
Getting Started with OpenVEX and vexctl
Using vexctl to manage vulnerability communications
What Makes a Good SBOM?
An explanation of what makes a good SBOM
What is OpenVex?
A conceptual overview of OpenVex