Image provenance / signed images only
Demonstrate that the organization enforces cryptographic verification of container image signatures prior to deployment, ensuring only trusted and unaltered images from authorized sources execute in production environments.
Description
What this control does
Image provenance and signed images controls require that all container images deployed in production environments be cryptographically signed by trusted publishers and verified before execution. This control enforces that only images with valid digital signatures from authorized registries or build pipelines are permitted to run, preventing the execution of tampered, malicious, or unauthorized container images. Implementation typically involves image signing tools (such as Docker Content Trust, Sigstore/Cosign, or Notary), admission controllers in orchestration platforms (like Kubernetes admission webhooks), and registry policies that reject unsigned or unverified images.
Control objective
What auditing this proves
Demonstrate that the organization enforces cryptographic verification of container image signatures prior to deployment, ensuring only trusted and unaltered images from authorized sources execute in production environments.
Associated risks
Risks this control addresses
- Execution of malicious container images injected by external attackers who compromise public registries or man-in-the-middle image pulls
- Deployment of backdoored images inserted by insider threats or compromised developer accounts without detection
- Supply chain attacks where upstream base images or dependencies are replaced with trojanized versions
- Runtime execution of images with known vulnerabilities that bypass scanning due to lack of provenance validation
- Privilege escalation through deployment of unauthorized privileged containers that lack proper authorization trails
- Compliance violations and audit failures due to inability to prove chain of custody for deployed software artifacts
- Operational disruption from unintentional deployment of untested or incorrect image versions lacking proper release approval
Testing procedure
How an auditor verifies this control
- Obtain and review the organization's container image signing and verification policy, including approved signing authorities, key management procedures, and registry requirements
- Identify all container orchestration platforms, registries, and deployment pipelines in scope for the audit period
- Export and examine admission controller configurations (such as Kubernetes ValidatingWebhookConfiguration, PodSecurityPolicy, or OPA/Gatekeeper policies) that enforce image signature verification
- Select a sample of 15-20 container images currently running in production and retrieve their image digests, signatures, and signing metadata from the container runtime or registry API
- Verify each sampled image signature using the organization's public keys or certificate chains, confirming signatures are valid and signed by authorized entities
- Attempt to deploy an unsigned or improperly signed test image to a production namespace or cluster to validate that admission controls actively reject unauthorized images
- Review build pipeline configurations and CI/CD automation scripts to confirm automatic image signing is integrated at the artifact publication stage
- Examine access logs and audit trails from image registries and signing services for the audit period, confirming no unsigned images were pulled or deployed to production environments
Where this control is tested