If you’re not using a https://thenewstack.io/how-to-create-a-software-bill-of-materials/ yet, you will be soon. They’re seen as essential groundwork for building code security defense.
It provides an initial specification in https://thenewstack.io/why-and-how-you-should-manage-json-with-sql/ It’s been shown to work with Kubernetes 1.19 and newer; hyperscale cloud services providers; and do-it-yourself Kubernetes. With the KBOM’s shell interface, cloud security teams can gain a comprehensive understanding of third-party tooling within their environment.
Since https://www.cncf.io/announcements/2022/02/10/cncf-sees-record-kubernetes-and-container-adoption-in-2021-cloud-native-survey/ to orchestrate container deployments, clearly there’s a deployment security gap here.