Subscribe

Kubernetes To Use Sigstore To Stop Supply Chain Attacks

Kubernetes will now add cryptographically signed signatures to protect users and organizations from supply chain attacks.

Access to the cryptographically signed signatures is via the Sigstore project created by the Linux Foundation.

Using sigstore certificates allows Kubernetes users to verify the authenticity and integrity of the distribution they are using.

According to founding Sigstore developer Dan Lorenc, the use of Sigstore certificates gives “users the ability to verify signatures and have greater confidence in the origin of each Kubernetes binary, source code bundle, and container image.”

Lorenc pointed out that Kubernetes’ adoption of Sigstore is part of its work on supply chain levels for Software Artifacts (SLSA). SLSA is a framework developed by Google for the internal protection of its software supply chain.

The Sigstore project is also aimed at Python developers. The aim of this project will be to release a new tool for signing Python packages as well as major package repositories such as Maven Central and RubyGems.

The sources for this piece include an article in ZDNet.

Top Stories

Toyota confirms leak of 240GB of sensitive data in recent hack

Former Google CEO Eric Schmidt makes controversial comments

Study finds 94% of spreadsheets have critical errrors

Study says 94% of spreadsheets contain critical errors

Elon Musk claims DDoS attack caused issues in live-streamed interview with Trump – experts are skeptical

Google anti-trust ruling a financial disaster for Firefox

Related Articles

Cloudflare Launches Open Source Tool for Secure, Keyless SSH Authentication

March 30, 2025 Cloudflare has released an open-source tool called OPKSSH (OpenPubkey SSH), which allows developers and IT teams to use more...

Charities Consider Linux as Windows 11 Hardware Requirements Pose Challenges

March 16, 2025 Windows 10 will cease receiving security updates after October 2025, and this means charities and non-profit organizations face more...

Mozilla sued for discrimination and retaliation by Chief Product Officer Steve Teixeira

June 25, 2024 Mozilla Corporation, along with three of its executives, is facing a lawsuit in the US for alleged disability more...

Target’s new AI is aimed at employees

June 20, 2024 Target is introducing a new generative artificial intelligence tool aimed at enhancing the efficiency of its store employees more...

Jim Love

Jim Is and author and pud cast host with over 40 years in technology.

Share:
X/Twitter
Linkedin
Blue Sky
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.