Trusting SBOMs In The Software Supply Chain: Syft Now Creates Attestations Using Sigstore
With the recent release of Syft v0.40.0, you can now create signed SBOM attestations directly in Syft. This is made possible by Project Sigstore, which makes signing and verification of software artifacts…
Share