Dan Lorenc
@lorenc_dan
OSS Supply Chain Security. Founder/CEO/Primary Ariba Admin at https://t.co/sGmuUU9JbG
Sigstore: https://t.co/dWKlyYu6kv
ID:2474676878
http://dlorenc.medium.com 02-05-2014 23:47:30
13,1K Tweets
9,4K Followers
2,0K Following
Scoop: Cybersecurity and Infrastructure Security Agency is asking software companies to sign a pledge committing them to implementing seven key 'secure-by-design' goals.
CISA plans to announce the pledge with ~50 signatories at RSA next week.
Major test of efficacy of CISA's SBD campaign.
wired.com/story/cisa-cybβ¦
Hey Darren Shepherd I heard you love Python and infra, I bet you'll love this: pyinfra.com
π Chainguard βοΈ has released its innaugural State of Hardened Container Images Landscape. Its a great in-depth analysis that compares the current 'hardened' container images landscape.
chainguard.dev/unchained/hardβ¦
𧡠of top takeaways
βOpen Sourceβ Has a Definition, Letβs Get Serious about Defending It thenewstack.io/open-source-haβ¦ Mark Collier ζ―ηζ #OpenSource #LLama3 #LLM
Chainguard will be at #RSAC 2024 on Tuesday, May 7 at the Museum of the African Diaspora for a day of fun that includes:
π₯ Movie matinees, presented by #blackgirlshack is fundraising
π€ πΈ Cocktails and karaoke, presented by #ShareTheMicInCyber
And more!
Sign up today: get.chainguard.dev/rsa-2024?utm_sβ¦
Chainguard βοΈ 's Amazing Adrian Mouat is going to join me tomorrow to fix all of my terrible security issues with my twitch alert containers... Live on twitch!
time: everytimezone.com/s/e4f1b488
location: twitch.tv/marekcounts
Join me!
Looking forward to this tomorrow!
I don't know know where Chainguard βοΈ keep the Amazing Adrian, but you've got me for this one.
.Trail of Bits announces new Leighton-Micali Signatures (LMS) to support post-quantum readiness for Sigstore (sigstore.dev):
blog.trailofbits.com/2024/04/26/annβ¦
Aaron Meurer Chris Holdgraf π @[email protected] The number one cited reason when those who contribute to upstream open source development projects end their participation is βno longer paid to do the work.β
π€ GitGuardian uses Chainguard Images to improve collaboration between developer and security teams, while reaching zero CVEs!
See how they do it in this case study: chainguard.dev/case-studies/gβ¦