What's in Your Container? Securing the Software Supply Chain Without Slowing Down

How do we secure massive, complex supply chains without slowing your developers down to a crawl? This talk provides a simple preview to Red Hat’s Trusted Software Supply Chain, based on three pillars: Transparency through the Trusted Profile Analyzer; Identity, thanks to the Trusted Artifact Signer; and Guardrails, with the Advanced Cluster Security for Kubernetes. Talk presented at the 2026 Red Hat Summit Connect Switzerland event on January 14th, 2026. Introduction Welcome to this presentation titled “What’s in your Container? Securing the Supply Chain without Slowing Down”. This talk was first presented at the 2026 Red Hat Summit Connect Switzerland event in January 14th, 2026. My name is Adrian Kosmaczewski, and I am a Senior Architect at Red Hat Switzerland. The “Black Box” Problem Let us talk about the “Black Box” problem. Imagine, for a moment, that you walk into a grocery store to buy a frozen lasagna for your family dinner. You pick up the box from the freezer aisle. You toss…