Articles by Maxime Greau
Elastic Stack container images signed with Sigstore!
Software supply chain attacks are accelerating. Elastic introduced a new capability of signing the Elastic Stack container images with Sigstore to help verify the provenance before deploying them, and therefore, protect against supply chain attacks.
SHA-512 checksums for Elastic Stack artifacts
Elastic now provide SHA-512 checksum files for all Elastic Stack released artifacts since 5.6.2. No more SHA-1 checksum files will be produced starting with 6.0.0.