CNCF Brings Security to the Cloud Native Stack with Notary, TUF Adoption

The Cloud Native Computing Foundation continues to vigorously build its portfolio of open source cloud-native technologies. CNCF’s Technical Oversight Committee voted to accept both the Docker-developed Notary trusted content framework and the specification Notary was built on, TUF, as the 13th and 14th hosted projects, respectively.

The organizations announced the new members at the Open Source Summit Europe, being held this week in Prague.

Released by Docker in 2015, Notary manages the metadata needed to ensure the integrity of container image updates, even those on untrusted networks and linked to compromised registries. The software allows developers to sign applications at every step of development, blocking malicious content from being injected into the workflow.

Read more at The New Stack