Containers are everywhere these days, but how do you really know the image you’re deploying is the one you built and that it hasn’t been tampered with? In this session, we’ll skip the theory and focus on practical ways to bring real trust into your container supply chain.

We’ll look at how to sign your images, attach verifiable attestations like SBOMs and provenance, and enforce policies so only trusted containers make it to production. Along the way, I’ll share lessons learned, common pitfalls, and patterns that actually work in practice.

By the end, you’ll have a clear idea of how to make sure your containers are authentic, verified, and safe to deploy.

Target audience: Developers, platform engineers, DevOps and security practitioners interested in container security and software supply chain integrity.

Session duration: 45–60 minutes, including demos and Q&A.