K3Y Ltd presented a paper at IEEE SEEDA-CECNSM 2025
K3Y Ltd is proud to share that the paper entitled “Beyond Container CVE Analysis: A GitOps-Based Attestation and Sandbox Framework for Container Supply Chains” was presented at the IEEE 10th South-East Europe Design Automation, Computer Engineering, Computer Networks and Social Media Conference (SEEDA-CECNSM 2025).
The authors (Evangelos Syrmos, Panagiotis Radoglou Grammatikis, Efklidis Katsaros, Jyoti Sekhar Banerjee, Anastasia Kazakli, Konstantinos Panitsidis, Vasileios Vitsas and Panagiotis Sarigiannidis) present a GitOps-driven sandboxing and attestation framework for securing container supply chains beyond traditional CVE-based analysis. The proposed approach combines static vulnerability scanning with dynamic behavioural inspection using gVisor-based sandboxing, enabling the detection of malicious patterns and zero-day threats in container images prior to deployment. The framework supports stronger trust guarantees even in the absence of SBOMs or defined SLSA levels and aligns with security standards such as NIST SP 800-218 and ISO/IEC 27001.
This work was implemented in the context of the P2CODE project.
The paper is available in IEEE Xplore.