In this example you will create a witness attestation and policy for an artifact and verify it. This example includes verifying a step policy with a rego policy.
In this example you will use Sigstore's Fulcio service as a signer provider for witness. This example also includes verifying the ephemeral key used to sign the attestation using a timestamp authority.
In this example you will use Witness' tracing feature to detect and stop a process tampering attack.
In this example you will use Vault's PKI Secrets Engine as a signer provider for witness.