notation
Safeguard articles tagged "notation" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Azure ACR Image Signing with Notation Policy
Azure Container Registry plus Notation gives you signing, trust policy, and AKS enforcement without bolting on Sigstore. Here is how the pieces actually fit together.
AWS ECR Signing Policies with Notation
ECR now supports Notation-based image signing and trust policy enforcement. Here is how to design signing policies that survive scale and auditors.
AWS Signer with Notation: Designing a Trust Policy That Survives Contact
AWS Signer integrates with Notation for OCI image signing. The hard part is not signing — it is the trust policy that decides what gets to run. We walk through one that holds up.
Signing container images with AWS Signer for supply chain...
A practical walkthrough for signing container images with AWS Signer, verifying them in ECR and EKS, and closing supply chain gaps with cryptographic trust.
Notary v2 Content Trust: A Practical Implementation Guide
Docker Content Trust never gained traction. Notary v2, now called Notation, is the replacement. Here is how to implement it and what has changed.