SBOM & Supply Chain Back to directory

Cosign

Signs and verifies container images and artifacts to enforce trusted supply chain provenance.

Tool type

Open Source

Cloud support

Multi

Compliance relevance

SLSA · NIST

When to use

Use Cosign when your team needs stronger coverage in SBOM & Supply Chain and you want outputs that can map to both operational guardrails and audit evidence.

Visit official website More in SBOM & Supply Chain More for SLSA

Cosign

Tool type

Cloud support

Compliance relevance

When to use

Related tools