Verifying Artifacts for Security and Data Integrity
Artifacts (any files in the images), like the images themselves, are of unknown origin. (M025) There is no way to control how the artifacts were created or what they contain.
Files obtained from uncontrolled sources may contain undesirable features or malicious code.
Where possible, artifacts should only be obtained from trusted sources and verified using appropriate methods (e.g., PGP keys). In the case of open-source software, consider building it yourself.
Please feel free to contact us for any question that is not answered yet.
We are looking forward to get in contact with you!