Vladimir Mikhalev

One of fewer than 250 Docker Captains worldwide. Solutions Architect for container infrastructure, security, and cloud-native systems. Technical Editor of "Docker & Kubernetes Security." I test what ships — and publish what I find.

#Cosign

1 post tagged

Docker supply chain hardening — from Scout D to OpenSSF 7.8 on a 730K-pull image

2026-04-22

DevOps & Cloud

How I hardened a 730K-pull public Docker image from Scout grade D to OpenSSF Scorecard 7.8. Multi-stage build, cosign signing, SLSA provenance, non-root default, and the incident that changed how I ship attestations.

#Docker #Container Security #DevSecOps #CI/CD +2 more

2587 words 13 min read

Cover image for Docker supply chain hardening — from Scout D to OpenSSF 7.8 on a 730K-pull image