validatedpatterns · mlorenzofr · Dec 8, 2025 · Dec 11, 2025 · Dec 11, 2025 · Dec 11, 2025
diff --git a/content/patterns/layered-zero-trust/_index.adoc b/content/patterns/layered-zero-trust/_index.adoc
@@ -67,6 +67,8 @@ The solution integrates many Red{nbsp}Hat components to offer:
 * Identity and access management by using the Red{nbsp}Hat build of Keycloak (RHBK).
 * Certificate management for secure communications.
 * External secret management integration.
+* Cryptographic signing and verification.
+* SBOM vulnerability analysis.
 
 [id="architecture"]
 === Architecture
@@ -94,6 +96,18 @@ The pattern consists of the following key components:
 * link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.14[{rh-rhacm-first}]
 ** Provides a management control plane in multi-cluster scenarios.
 
+* link:https://docs.redhat.com/en/documentation/red_hat_quay/3.15[Red{nbsp}Hat Quay]
+** Enables a private repository for OCI images within the environment.
+
+* link:https://docs.redhat.com/en/documentation/red_hat_openshift_container_storage/4.8/html/managing_hybrid_and_multicloud_resources/index[Multicloud Object Gateway]
+** Provides an object storage service for {ocp}.
+
+* link:https://docs.redhat.com/en/documentation/red_hat_trusted_artifact_signer/1.3[Red{nbsp}Hat Trusted Artifact Signer (RHTAS)]
+** Provides cryptographic signing and verification of software artifacts and container images.
+
+* link:https://docs.redhat.com/es/documentation/red_hat_trusted_profile_analyzer/2.2[Red{nbsp}Hat Trusted Profile Analyzer (RHTPA)]
+** Provides the storage and management means for _Software Bill of Materials_ (SBOMs), with cross-referencing capabilities between SBOMs and CVEs/Security Advisories.
+
 [id="sidecar-pattern"]
 ==== Sidecar pattern
 
@@ -127,3 +141,7 @@ The following technologies are used in this solution:
 * *Compliance Operator*: Provides ability to scan and remediate cluster hardening based on profiles
 * *QTodo application*: Serves as a sample Quarkus-based application to show zero trust principles.
 * *PostgreSQL database*: Provides the backend database for the demonstration application.
+* *Multicloud Object Gateway*: Lightweight object storage service for {ocp}. Used by Quay for the storage of binary blobs.
+* *Red{nbsp}Hat Quay*: Private registry for OCI images.
+* *Red{nbsp}Hat Trusted Artifact Signer*: Facilitates signing and verification of software artifacts.
+* *Red{nbsp}Hat Trusted Profile Analyzer*: Enables SBOM file analysis and vulnerability detection.