In the context of enhancing security for cloud-native environments, Dynatrace has introduced Cosign-signed immutable container images designed for Kubernetes and cloud applications, addressing potential vulnerabilities in CI/CD pipelines. These signed images offer improved security by ensuring that only verified and tamper-proof observability tools are deployed, which is critical for compliance, reliability, and consistent performance. The Dynatrace Operator facilitates secure lifecycle management of components necessary for Kubernetes cluster monitoring, and the integration of these images into deployment pipelines is supported across various platforms, including Amazon Elastic Container Registry (ECR) and Docker Hub. By allowing users to independently verify images, Dynatrace aims to mitigate supply chain attacks, thus maintaining the integrity of its observability stack. This initiative aligns with Dynatrace's mission to set a new standard in cloud-native security and observability, providing users with a robust framework for securing digital infrastructure.