OCI
Safeguard articles tagged "OCI" — guides, analysis, and best practices for software supply chain and application security.
9 articles
How to Scan a Container Image for Vulnerabilities
Scan any Docker or OCI image for OS-package and application-layer vulnerabilities, understand the results, and gate risky images before they reach your registry — with copy-paste commands.
GitHub Actions Immutable Actions GA: Why OCI-Backed Action Distribution Closes the tj-actions Class of Attack
GitHub's 2026 roadmap puts Immutable Actions GA at the center of Actions supply-chain hardening, publishing actions as OCI artifacts with hash-mismatch fail-fast and full composite-action visibility.
Oracle Cloud Tenancy Disclosure Practices: A Defender's Read
Oracle Cloud's disclosure cadence and tenancy isolation story have been pressure-tested across multiple incidents. We unpack what defenders should ask of their provider regardless of vendor.
OCI + CNCF Image Supply Chain: 2026 Snapshot
Where the OCI and CNCF image supply chain ecosystem actually sits in 2026, what has stabilized, what is still contested, and what to deploy now versus later.
Using OCI dynamic groups to authenticate CI/CD pipelines
A practical guide to eliminating static credentials in CI/CD using OCI dynamic groups, matching rules, and OCI DevOps service authentication instead of API keys.
Kubernetes 1.30 and 1.31 Security Rundown
ValidatingAdmissionPolicy GA, VolumeSource for OCI artifacts, and anonymous API cleanup: what 1.30 and 1.31 change for cluster security posture.
SBOM Storage and Distribution Infrastructure
Generating SBOMs is solved. Storing, versioning, and distributing them at scale is the next engineering challenge.
Container Image Signing with Cosign: A Practical Deep Dive
Cosign makes signing and verifying container images straightforward. Here's everything you need to know to implement it in your pipeline.
OCI Artifact Signing Standards: Making Sense of the Landscape
Container image signing has gone through multiple iterations. Here is where the OCI standards stand now and what you need to implement.