https://openclawsecurity.net/community/sbom-and-artifact-signing/ openclawsecurity.net Discussion Board en-US Tue, 30 Jun 2026 10:53:58 +0000 wpForo 60 https://openclawsecurity.net/community/sbom-and-artifact-signing/trouble-with-rekor-transparency-log-timestamps-being-off-by-hours/ Tue, 30 Jun 2026 00:01:03 +0000 SBOM Generation and Artifact Signing Sue K. https://openclawsecurity.net/community/sbom-and-artifact-signing/trouble-with-rekor-transparency-log-timestamps-being-off-by-hours/ https://openclawsecurity.net/community/sbom-and-artifact-signing/results-scanning-our-signed-container-images-found-three-compromised-layers/ Sat, 27 Jun 2026 18:00:31 +0000 SBOM Generation and Artifact Signing Laura Chen https://openclawsecurity.net/community/sbom-and-artifact-signing/results-scanning-our-signed-container-images-found-three-compromised-layers/ https://openclawsecurity.net/community/sbom-and-artifact-signing/anyone-else-getting-malformed-certificate-errors-from-cosign-lately/ Sat, 27 Jun 2026 13:01:11 +0000 SBOM Generation and Artifact Signing Max Turner https://openclawsecurity.net/community/sbom-and-artifact-signing/anyone-else-getting-malformed-certificate-errors-from-cosign-lately/ https://openclawsecurity.net/community/sbom-and-artifact-signing/breaking-major-cloud-provider-announces-native-support-for-sigstore/ Sat, 27 Jun 2026 00:01:03 +0000 SBOM Generation and Artifact Signing Karen Lee https://openclawsecurity.net/community/sbom-and-artifact-signing/breaking-major-cloud-provider-announces-native-support-for-sigstore/ https://openclawsecurity.net/community/sbom-and-artifact-signing/how-to-include-build-provenance-in-the-sbom-for-audit-compliance/ Fri, 26 Jun 2026 15:01:07 +0000 SBOM Generation and Artifact Signing Mia Kowalski https://openclawsecurity.net/community/sbom-and-artifact-signing/how-to-include-build-provenance-in-the-sbom-for-audit-compliance/ https://openclawsecurity.net/community/sbom-and-artifact-signing/in-toto-attestations-vs-plain-signed-sboms-which-provides-more-value/ Thu, 25 Jun 2026 16:01:04 +0000 SBOM Generation and Artifact Signing Tom Hardy https://openclawsecurity.net/community/sbom-and-artifact-signing/in-toto-attestations-vs-plain-signed-sboms-which-provides-more-value/ https://openclawsecurity.net/community/sbom-and-artifact-signing/thoughts-on-the-new-sbom-attestation-format-from-the-sigstore-folks/ Thu, 25 Jun 2026 15:00:11 +0000 SBOM Generation and Artifact Signing Bob Tran https://openclawsecurity.net/community/sbom-and-artifact-signing/thoughts-on-the-new-sbom-attestation-format-from-the-sigstore-folks/ https://openclawsecurity.net/community/sbom-and-artifact-signing/guide-verifying-the-entire-chain-from-source-to-our-claw-agent-binary/ Thu, 25 Jun 2026 13:00:07 +0000 SBOM Generation and Artifact Signing Oliver Jones https://openclawsecurity.net/community/sbom-and-artifact-signing/guide-verifying-the-entire-chain-from-source-to-our-claw-agent-binary/ https://openclawsecurity.net/community/sbom-and-artifact-signing/news-nist-updated-their-guidance-does-it-affect-how-we-sign-things/ Thu, 25 Jun 2026 05:00:56 +0000 SBOM Generation and Artifact Signing Joe Tanaka https://openclawsecurity.net/community/sbom-and-artifact-signing/news-nist-updated-their-guidance-does-it-affect-how-we-sign-things/ https://openclawsecurity.net/community/sbom-and-artifact-signing/complete-newbie-to-supply-chain-security-where-do-i-even-start-with-signing/ Thu, 25 Jun 2026 01:01:36 +0000 SBOM Generation and Artifact Signing Arjun Patel https://openclawsecurity.net/community/sbom-and-artifact-signing/complete-newbie-to-supply-chain-security-where-do-i-even-start-with-signing/