For over a year now, I’ve been dealing a lot with security and compliance in our company. One major goal is to only use “trustworthy” software. But what does “trustworthy” mean? Especially in the discussion about Docker images, it took us many exhausting hours to find …