Conceptual
What Makes a Good SBOM?
An explanation of what makes a good SBOM
Chainguard GlossarySoftware supply chain security vocabulary
Verified OrganizationsAn overview of how to verify your organization and the implications
What Is a Build Horizon?What a build horizon is and why enforcing maximum artifact age is a key practice for keeping software secure and up to date
What is OpenVex?A conceptual overview of OpenVex
False Positives and False Negatives with Container Images ScannersAn overview of the formation of false positive and false negative vulnerability results in container image scanners
The Differences between SBOMs and AttestationsAn overview of the differences between attestations and SBOMs