Image-scanning

Container Image Security — Distroless, SBOM, and Supply Chain Hardening

Harden container images with multi-stage builds, distroless images, non-root users, vulnerability scanning (Trivy), SBOM generation (Syft), image signing (Cosign), and admission controllers to block unsigned images.