SBOM as a default during builds is the first step to start making users aware that it matters & build tools/package managers take this seriously. It can then be left upto users to utilise and distribute it for technical & compliance reasons. What can you do ? Use Buildsafe -

Started working on a solution to hermetic builds (by Docker). Simple solution, multiple languages. Note: It's in active development; contributors are welcome. Easy path to SLSA compliance.

We almost agree. We enable users by letting them easily pack those OS packages in the base image (and you're free to layer it as you wish i.e one layer per package,etc) and the Dockerfile can be used for app builds/interpreters. This way, OS packages are patched dependabot style.

Make sure to checkout BuildSafe and start doing supply chain security as devs! Its that simple.

Want enterprise path for supply chain security - DM us!

Have you set your schedule for KubeCon NA? Make sure to add my talk to your schedule, would love to share a story with you. Also would love to connect with people and talk Kubernetes multitenancy at Loft Booth. sched.co/1i7lW #KubeCon #CloudNativeCon #vCluster

Kubecon travel starting soon, this is my first time travelling to Salt Lake City. I am giving two sessions at the conference The Spice Must Flow Green: CNCF's Environmental Sustainability TAG with Marlow Warnicke (Weston) -> sched.co/1hovS Cloud Native Sustainability

Security is the number one challenge in the Kubernetes ecosystem. Talk to me about BuildSafe on how it helps to deploy 0CVE apps on your clusters.

Coming to SOSS community day happening a day before KubeCon India? Make sure to check out these two session where Saiyam, Harsh and Rakshit will discuss a lot about 0CVE, SBOM, supply chain & also buildsafe. dm to schedule a demo. sched.co/1rTcV sched.co/1rTck

talk link - sched.co/1rTcV

Enjoyed the talk by Saiyam Pathak and Harsh on how to convert an existing Dockerfile to a hermetic build with full attestation and provenance. Meet buildsafe, a new tool github.com/buildsafedev

Did you miss the talk by Harsh and Saiyam Pathak on how to achieve SLSA Compliance - a proper end to end Hermetic build of OCI image example as part of the Github Actions pipeline. You should definitely check out the demo. buildsafe.dev/adoption/adopt…

InfraCloud - An Improving Company Barun AccuKnox KubeArmor Abhimanyu Dhamija OpenSSF Rakshit and Harsh now talking about 0-CVE strategies at OpenSSF #SOSSCommunityDay India 🇮🇳 BuildSafe

Check out Buildsafe today!

Kubernetes 1.32 has been released! Release Name - Penelope Total Enhancements - 44 Coming to Alpha - 19 Moved to Beta - 12 Graduated to Stable - 13 This release highlights stable enhancements like custom resource field selectors, memory-backed volume sizing, and structured

Want to know more about SLSA? Hermetic builds? Reproducibility? Hermetic build DEMO ? How Buildsafe helps? The the talk that Saiyam and harsh gave is already out! Watch it now -> youtu.be/eD6dX-1jkb0?si…

Creating 0 cve images should be mandatory and buildsafe lets you do that easily and without depending on any vendor! Go do it now and save time and money!

🔥 It's LIVE! I’m super excited to announce the release of -> The Kubernetes Course 2025 A hands-on project focused Kubernetes course that takes you from zero to deploying real-world microservices application and learn all the concepts on the way! I spent all my weekends on this