SBOM Archives

The Cyber Resilience Act and Cloud Native: Understanding the Impact

How the EU Cyber Resilience Act will impact Kubernetes, containers and cloud native supply chains ahead of the 2027 enforcement deadline ...

Jacob Mammoliti | March 13, 2026 | container security, Cyber Resilience Act, kubernetes, SBOM, software supply chain, Vulnerability Management

SRE, autoscaling, Tailscale, Kubernetes, argo cd, Kubernetes v1.33, AI, Nelm, Kubernetes, architecture, , architecture, Rackspace, GPUs, Kubernetes, Solo.io Kubernetes cloud foundry keptn cloud-native automation

Enterprise Kubernetes Isn’t a Cluster. It’s a Platform and a Supply Chain.

Kubernetes is the OS for modern apps — but enterprises need platforms, not just clusters. Focus on standardized paved paths, supply‑chain security (signing, SBOMs, provenance), GitOps + policy automation, multi‑tenant guardrails, and ...

Dan Ciruli | March 6, 2026 | enterprise Kubernetes, GitOps, image signing, policy as code, SBOM, supply‑chain security

Survey Surfaces Raft of Container Security Challenges

A BellSoft survey reveals gaps in container security practices, showing that human error, limited vulnerability scanning, and infrequent patching continue to expose cloud-native environments to risk ...

Mike Vizard | January 29, 2026 | BellSoft survey, cloud native security, container patching, container security, DevSecOps, image signing, Kubernetes security, SBOM, software supply chain security, vulnerability scanning

TLS, certificates, Docker, vulnerabilities, supply chain, KubeCon, SigStore, Kubernetes TrapX container security

Docker, Inc. Adds More Than a Thousand Free Hardened Container Images

Docker is releasing more than 1,000 hardened container images under an open source license, aiming to cut vulnerabilities and strengthen software supply chains ...

Mike Vizard | December 17, 2025 | Alpine containers, cloud native security, container security, CVE management, Debian containers, DevSecOps, Docker AI Assistant, Docker hardened images, docker hub, hardened container images, open source containers, SBOM, SLSA provenance, software supply chain security

How Distroless Containers Defend Against npm Malware Attacks

The npm breach shows why distroless containers matter. Learn how minimal, continuously rebuilt images strengthen cloud-native supply-chain security ...

Chainguard cloud-native Tigera Kubernetes supply chain

Chainguard Adds Automatic SBOM Generation Capability

Chainguard added an ability to automatically generate an SBOM for containers to its Enforce control plane to secure cloud-native applications ...

Mike Vizard | July 19, 2023 | Chainguard, cloud native, SBOM, software supply chain

KSOC Publishes SBOM Specification for Kubernetes

Kubernetes Security Operations Center (KSOC) this week published a Kubernetes Bill of Materials (KBOM) specification that promises to make it simpler to discover vulnerabilities. KBOM, available via an open source command line ...

Mike Vizard | May 12, 2023 | KBOM, KSOC, kubernetes, Kubernetes security, SBOM, software bill of materials

Docker, Inc. to Integrate Free SBOM Generation Tool

Docker, Inc. plans to embed the ability to dynamically generate a software bill of materials (SBOM) using the Docker Build command that developers use to build Docker images from a Dockerfile. Company ...

Mike Vizard | September 22, 2022 | application development, Atomist, docker, SBOM

Platform engineering, cloud native, app development, Kubernetes, developer platform Docker cloud-native applications Anchore SBOM metrics full cycle complexity software development

Anchore Extension Can Generate SBOMs for Container Apps

Anchore today added an extension to its software supply chain management platform for container-based applications that can automatically generate and continuously update a software bill of materials (SBOM). Kim Weins, senior vice ...

Mike Vizard | March 22, 2022 | anchore, Anchore Enterprise, cloud-native applications, containers, SBOM, software bill of materials