Cosign

dhi.io/cosign

Cosign

CIS
FIPS
STIG
linux/amd64
linux/arm64

Cosign supports container signing, verification, and storage in an OCI registry. Written in Go, it aims to make signatures invisible infrastructure.

About Cosign

Cosign is a CLI tool designed to sign and verify software artifacts, such as container images, using the Sigstore framework. It plays a key role in securing the software supply chain by enabling digital signatures that confirm the origin and integrity of released software.

For more details, see https://docs.sigstore.dev/.

About Docker Hardened Images

Docker Hardened Images are built to meet the highest security and compliance standards. They provide a trusted foundation for containerized workloads by incorporating security best practices from the start.

Why use Docker Hardened Images?

These images are published with zero-known CVEs, include signed provenance, and come with a complete Software Bill of Materials (SBOM) and VEX metadata. They're designed to secure your software supply chain while fitting seamlessly into existing Docker workflows.

Trademarks

This listing is prepared by Docker. All third-party product names, logos, and trademarks are the property of their respective owners and are used solely for identification. Docker claims no interest in those marks, and no affiliation, sponsorship, or endorsement is implied.

Try DHI Enterprise

Start a free 30-day DHI Enterprise trial to mirror this image to your organization's registry and unlock full benefits.

SLA-backed CVE remediations

FIPS & STIG-compliant variants

Customizations at enterprise scale

Try DHI Enterprise
Security summary

Distribution:

debian 13

Packages

352

Vulnerabilities

0
0
1
1
2
View full security details
Recently pushed images

Cosign 3.x (fips, dev)

Updated: 2 days ago

Cosign 3.x (fips)

Updated: 2 days ago

Cosign 3.x (dev)

Updated: 2 days ago

Cosign 3.x

Updated: 2 days ago

Cosign 3.x (fips, dev)

Updated: 2 days ago

View all
Got questions or feedback about this image?

Join GitHub Discussions or our Slack community to share ideas, ask questions, and connect with the team.

Go to discussionsJoin community