Containers can provide SBoMs too, and in comparison to HA OS, which is what the comment was referring to, container and core give you better control over the application, allowing for more security mechanisms. Comparing container vs core for security is interesting because container gives you some security features for free, like seccomp, cap drops, namespacing, etc., which you don’t get for free with core.
I find the claim that core is more secure than a container because it has an SBoM dubious, but maybe you’re talking generally about containers vs distro package managers, which is a different point, but SBoM isn’t the only thing that makes something secure/stable.