Don’t Panic: A Playbook for Handling Account Compromise with SigstoreApr 25, 2022 by Zachary Newman Photo by Tonik on Unsplash Despite your best efforts, you may no longer trust artifacts, keys, or identities when signing software. A container might turn out to have vulnerabilities, a key might be lost, or worse: a trusted account could be compromised. There’s a myth that Sigstore makes revocation