The fine folks behind rustls have released the first version of their ABI compatible drop-in replacement for OpenSSL, implemented in Rust: github.com/rustls/rustls-…

Exciting! ✨

Happy first day of the fiscal Q2 to everyone who celebrates!

Scoop: Cybersecurity and Infrastructure Security Agency is asking software companies to sign a pledge committing them to implementing seven key 'secure-by-design' goals.

CISA plans to announce the pledge with ~50 signatories at RSA next week.

Major test of efficacy of CISA's SBD campaign.

wired.com/story/cisa-cyb…

Check out our team's whitepaper on 'Securing the AI Software Supply Chain' using provenance information. We need to make provenance as ubiquitous as TLS/SSL and it is critical for a robust and trustworthy AI ecosystem - research.google/pubs/securing-…

Hey Darren Shepherd I heard you love Python and infra, I bet you'll love this: pyinfra.com

👀 Chainguard ⛓️ has released its innaugural State of Hardened Container Images Landscape. Its a great in-depth analysis that compares the current 'hardened' container images landscape.

chainguard.dev/unchained/hard…

🧵 of top takeaways

‘Open Source’ Has a Definition, Let’s Get Serious about Defending It thenewstack.io/open-source-ha… Mark Collier 柯理怀 #OpenSource #LLama3 #LLM

Chainguard will be at #RSAC 2024 on Tuesday, May 7 at the Museum of the African Diaspora for a day of fun that includes:

🎥 Movie matinees, presented by #blackgirlshack is fundraising
🎤 🍸 Cocktails and karaoke, presented by #ShareTheMicInCyber

And more!

Sign up today: get.chainguard.dev/rsa-2024?utm_s…

Chainguard ⛓️ 's Amazing Adrian Mouat is going to join me tomorrow to fix all of my terrible security issues with my twitch alert containers... Live on twitch!
time: everytimezone.com/s/e4f1b488
location: twitch.tv/marekcounts
Join me!

Looking forward to this tomorrow!

I don't know know where Chainguard ⛓️ keep the Amazing Adrian, but you've got me for this one.

My mom asked me if I got the bread out for breakfast yet.

I yelled 'NVD'.

She knew it was toast.

nvd.nist.gov/general/news/n…

.Trail of Bits announces new Leighton-Micali Signatures (LMS) to support post-quantum readiness for Sigstore (sigstore.dev):
blog.trailofbits.com/2024/04/26/ann…

“So, the next time someone tells you that a hyper-cloud company is just an open source leech, do yourself a favor and check into it.”
theregister.com/2024/04/27/opi…

Have you felt the need for a more flexible and composable Dockerfile alternative? Here's an example of a multi-stage pipeline with Dagger go, python and typescript functions to build a Go app OCI image using Chainguard ⛓️'s Wolfi base image

Aaron Meurer Chris Holdgraf 🐘 @[email protected] The number one cited reason when those who contribute to upstream open source development projects end their participation is “no longer paid to do the work.”

Anyone confused by this is underestimating how powerful IBM's field team is.

Great thread here!

🤝 GitGuardian uses Chainguard Images to improve collaboration between developer and security teams, while reaching zero CVEs!

See how they do it in this case study: chainguard.dev/case-studies/g…

\We’ve open-sourced our pure Rust and Go implementations of the post-quantum Leighton-Micali Hash-Based Signatures (LMS)! Explore secure digital signatures designed to withstand quantum attacks. blog.trailofbits.com/2024/04/26/ann…

We've officially launched our beta program for CUDA optimized Images! chainguard.dev/unchained/anno…

We're starting soon! Watch us live!