diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml
index ac5c69e8..ab157dd6 100644
--- a/.github/workflows/build-push.yml
+++ b/.github/workflows/build-push.yml
@@ -36,12 +36,10 @@ jobs:
# When modifying please update the tags in the clean up workflow as well
tags: |
type=raw,value=latest,enable={{is_default_branch}}
- type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- type=sha
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
- uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
- uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
@@ -61,9 +59,13 @@ jobs:
provenance: true
cache-from: type=gha
cache-to: type=gha,mode=max
- - name: Sign the published Docker image
- env:
- COSIGN_EXPERIMENTAL: "true"
- # This step uses the identity token to provision an ephemeral certificate
+ - uses: crazy-max/ghaction-container-scan@3e9c23f89cd6b0bda949ffe14f28a3ce282323b7 # v3.0.0
+ with:
+ image: ${{ env.REGISTRY }}/${{ github.repository }}@${{ steps.build-and-push.outputs.digest }}
+ - name: Sign the image with GitHub OIDC token
+ # This step uses the GitHub OIDC identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
- run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign --yes {}@${{ steps.build-and-push.outputs.digest }}
+ env:
+ DIGEST: ${{ steps.build-and-push.outputs.digest }}
+ TAGS: ${{ steps.meta.outputs.tags }}
+ run: cosign sign --yes "${TAGS}@${DIGEST}"
diff --git a/.github/workflows/cleanup-pr-image.yml b/.github/workflows/cleanup-pr-image.yml
index 5d41daa5..1e9667c1 100644
--- a/.github/workflows/cleanup-pr-image.yml
+++ b/.github/workflows/cleanup-pr-image.yml
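Review bot: `run: cosign sign --yes "${TAGS}@${DIGEST}"` hands the whole `steps.meta.outputs.tags` value to cosign as a single argument, but that output is a multi-line list — the removed line iterated it with `xargs -I {}`, and the tags block in the first hunk still yields `latest` plus three semver tags on a release — so on a tag push cosign receives one reference with embedded newlines and the signing step will almost certainly fail for exactly the images that matter most. Since a cosign signature is bound to the digest rather than the tag, the old loop is not needed either: sign the digest once with `IMAGE: ${{ env.REGISTRY }}/${{ github.repository }}` in `env` and `run: cosign sign --yes "${IMAGE}@${DIGEST}"`, which is the same reference the new scan step already builds. Moving the expressions into `env` instead of interpolating them into `run` is the right call and worth keeping. The `id: build-and-push` step and the `id-token: write` permission that keyless signing needs are outside the hunk, so I could not confirm the latter is set on this job.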
@@ -7,41 +7,25 @@ on:
permissions:
contents: read
+env:
+ REGISTRY: ghcr.io
+
jobs:
- generate-tag-matrix:
- runs-on: ubuntu-latest
- outputs:
- tags: ${{ steps.matrix.outputs.tags }}
- steps:
- - uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0
- id: meta
- with:
- images: ${{ env.REGISTRY }}/${{ github.repository }}
- # Generate Docker tags based on the following events/attributes
- tags: |
- type=raw,value=latest,enable={{is_default_branch}}
- type=ref,event=branch
- type=ref,event=pr
- type=semver,pattern={{version}}
- type=semver,pattern={{major}}.{{minor}}
- type=semver,pattern={{major}}
- type=sha
- - run: |
- TAGS="$(echo "${{ steps.meta.outputs.tags }}" | jq -c --raw-input 'split(",")')"
- echo "tags=${TAGS}" >> "${GITHUB_OUTPUT}"
- id: matrix
delete-images:
runs-on: ubuntu-latest
permissions:
packages: write
- needs: generate-tag-matrix
- strategy:
- matrix:
- tag: ${{ fromJSON(needs.generate-tag-matrix.outputs.tags) }}
steps:
+ - uses: sigstore/cosign-installer@11086d25041f77fe8fe7b9ea4e48e3b9192b8f19 # v3.1.2
+ - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - run: cosign clean -f --type=signature "${{ env.REGISTRY }}/${{ github.repository }}:pr-${{ github.event.pull_request.number }}"
- uses: bots-house/ghcr-delete-image-action@3827559c68cb4dcdf54d813ea9853be6d468d3a4 # v1.1.0
with:
owner: ${{ github.repository_owner }}
name: ${{ github.event.repository.name }}
token: ${{ secrets.GITHUB_TOKEN }}
- tag: ${{ matrix.tag }}
+ tag: pr-${{ github.event.pull_request.number }}
diff --git a/README.md b/README.md
index c5b8b89b..e88476d8 100644
--- a/README.md
+++ b/README.md
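Review bot: `cosign clean -f --type=signature ".../...:pr-N"` resolves the `pr-N` tag to its digest and deletes the `sha256-<digest>.sig` tag, so it removes the signature for every tag pointing at that digest, not only `pr-N`; should a PR build ever yield the same digest as a `latest` or release build, this workflow would silently strip that image's signature as well. That is unlikely with non-reproducible builds, but it deserves a comment above the step, e.g. `# NOTE: cosign clean is digest-scoped - it also drops the signature of any other tag sharing this digest`. The signature is also deleted before the `pr-N` tag is removed and nothing gates the second step, so if `cosign clean` exits non-zero (for instance because the sign step in the build workflow never ran and no `.sig` tag exists) the image deletion is skipped and the PR image is left behind; `continue-on-error: true` on the clean step, or `if: always()` on the delete step, would avoid that. Whether the pinned cosign tolerates a missing signature tag is not something I could confirm from the hunk, so the guard is worth adding either way.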
@@ -23,6 +23,16 @@ The container can be built and tested locally by importing this repository in VS
A test task is available to run the included `bats` tests. Choose `Tasks: Run Task` from the command pallette and choose `Run Tests`.
+## Verify image signature
+
+The container image is signed with [SigStore](https://www.sigstore.dev/) [Cosign](https://docs.sigstore.dev/signing/quickstart/) using a keyless signing method.
+
+The signature can be verified with the following command (using Docker), verifying that the image is actually signed by the GitHub CI system:
+
+```sh
+docker run --rm gcr.io/projectsigstore/cosign verify ghcr.io/philips-software/amp-devcontainer --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp https://github.com/philips-software/amp-devcontainer
+```
+
## Usage
The resulting container can be used in a `.devcontainer` folder. While the example uses the `latest` tag, it is recommended to pin to a specific version. Or better yet, a specific SHA.