Hello there!
Here is a suggestion on how to improve the security of your supply chain, by creating a Software Bill of Materials of your resulting container and signing both the image and the SBOM.
This way, you can:
- use the SBOM for later inspecting the image in production to check if there is any known vulnerability
Based on https://github.com/Project-MONAI/monai-deploy-app-sdk/pull/474 and https://hackweek.opensuse.org/23/projects/package-monai-machine-learning-models-for-medical-applications
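
The following added example, which is not code from the pull request, shows how an SBOM stored at build time can be checked against an advisory list once the image is in production. The CycloneDX-style document, the image digest, the package names and the advisory ids are all constructed, and the SBOM's signature is assumed to have been verified before this runs.

```python
import json

# Constructed CycloneDX-style SBOM for illustration (not from the PR).
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.4",
  "metadata": {"component": {"type": "container", "name": "example/app",
                             "version": "sha256:aaaa"}},
  "components": [
    {"type": "library", "name": "examplelib", "version": "2.3.9",
     "purl": "pkg:pypi/examplelib@2.3.9"},
    {"type": "library", "name": "otherlib", "version": "1.10.0",
     "purl": "pkg:pypi/otherlib@1.10.0"}
  ]
}
"""

# Constructed advisory feed: a package is affected below its "fixed" version.
ADVISORIES = [
    {"id": "EXAMPLE-ADV-0001", "package": "pkg:pypi/examplelib", "fixed": "2.4.1"},
    {"id": "EXAMPLE-ADV-0002", "package": "pkg:pypi/otherlib", "fixed": "1.9.0"},
]


def version_key(version):
    """Turn '1.10.0' into (1, 10, 0) so 1.10.0 sorts after 1.9.0."""
    return tuple(int(part) for part in version.split("."))


def audit(sbom_text, running_digest, advisories):
    """Return (advisory id, purl) for each affected component in the SBOM."""
    sbom = json.loads(sbom_text)
    # Refuse an SBOM that describes a different image than the one running.
    described = sbom["metadata"]["component"]["version"]
    if described != running_digest:
        raise ValueError(f"SBOM is for {described}, not {running_digest}")
    findings = []
    for comp in sbom.get("components", []):
        package = comp["purl"].split("@", 1)[0]
        for adv in advisories:
            if adv["package"] == package and \
                    version_key(comp["version"]) < version_key(adv["fixed"]):
                findings.append((adv["id"], comp["purl"]))
    return findings


if __name__ == "__main__":
    for adv_id, purl in audit(SBOM_JSON, "sha256:aaaa", ADVISORIES):
        print(f"{adv_id}: {purl}")
```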