To improve supply chain security in modern software development, we created the open source tool Connaisseur that ensures integrity and provenance of container images in Kubernetes - simple, flexible, secure.

Supply Chain Security

An Attack Vector on the Rise

Modern infrastructures increasingly rely on automation and the integration of open source and third-party solutions. Besides the enormous advantages, the risk and prevalence of supply chain attacks is also growing. Supply chain attacks do not target the runtime system itself, but the sources of its components. This can be the internal build pipeline or an external vendor. Here, cyber criminals benefit from the limited influence and visibility that target systems have towards their suppliers.

Supply chain attacks increased fourfold in 2021

Supply Chain Security for Kubernetes


The open source tool Connaisseur is aimed at protecting the supply chain for Kubernetes clusters. Connaisseur acts as an admission controller that verifies signatures of container images before deployment to the cluster. As such, it intercepts resource creation or update requests sent to the Kubernetes cluster, identifies all container images and verifies their signatures against pre-configured public keys. Based on the result, it either accepts or denies those requests. Thus, Connaisseur ensures integrity as well as provenance of container images in a Kubernetes cluster.

Begin improving your Kubernetes Supply Chain in only a matter of minutes

Try it out

Connaisseur is developed under three core values: Security, Usability, Compatibility. It supports different signature solutions and provides additional features to allow seamless and sustainable Kubernetes supply chain security tailored to modern development organizations. Connaisseur is aimed at advancing the overall community and we therefore encourage everyone to contribute via discussions, issues or direct pull requests. Getting started with Connaisseur is only a matter of minutes, so try it out!

Contact for Defensive Security

Talk to Our Experts
Philipp Belitz
Security Engineer
Philipp is part of our Defensive Security Team supporting our clients to design, build and operate secure solutions. Philipp is expert for secure internet architectures and modern technology stacks.