Supply Chain Security - 20%

Minimize base image footprint

Refer Docker best practices

Secure your supply chain: whitelist allowed image registries, sign and validate images

Refer Admission Controllers ImagePolicyWebhook

Use static analysis of user workloads (e.g. kubernetes resources, docker files)

Scan images for known vulnerabilities

Refer Trivy