With last week's SLSA 1.0 announcement and Kusari's commitment to the success of SLSA we have open sourced Spector, a library and tooling for helping generate, validate, and verify SLSA v1.0 provenance attestations! kusari.dev/blog/spector-a…

Where is the GUAC! The question of the week will finally be answered today at 3:10 PM. Join us for the answer and actual guacamole and chips! sched.co/1K5Hn

GUAC's v0.1 beta release is around the corner! Be sure to join the community meeting this Thursday at 1 PM EST to get all the details and how to get started with GUAC! We also have a Slack channel for easy communication if you cannot attend. Link: github.com/guacsec/guac#c…

Don’t let the version number fool you, the Graph for Understanding Artifact Composition (aka Guac 🥑) latest release is packed with features! 🤩 If you’re not solving your supply chain security concerns with OSS tools like this, you’re doing it wrong. kusari.dev/blog/guac-beta…

Only 42 stars left until GUAC repo is short 0.1k of 1000 stars. If you haven't seen it already, here's the link: github.com/guacsec/guac

The GUAC talk at OSS NA is now public on YouTube: youtu.be/mkZJcIkOF8Q. Give it a watch and let us know what ideas you have for GUAC, how can we help you, etc.

“Tim Miller on Storage Management with Guac” 🎧 Listen to the full episode with Tim Miller and DJ Schleen 👉 dabom.show/tim-miller/ Tim Miller @djschleen #sbom #cybersecurity #guac #slsa

If you haven't checked out GUAC, now's a great time, and we'd love it if you gave us a star while you're there! 1k is right there 👊

Be sure to join us this Thursday (7/20) at 1 PM EST for the #GUAC community meeting! We are excited to be demoing the work being done on the persistent backend: ArangoDB, ENT, and Neptune! Invite to the community call can be found on the community page: guac.sh/community/

#GUAC community meeting today in 3 hours! Links here: guac.sh/community/

Only 37 spots left in the very exclusive club of people who are among the first 1k stargazers on GUAC. github.com/guacsec/guac

Only 25 stars left for #guac to hit 1k. If you haven't yet, we'd love the little nudge to 1k. You can bet there will be guac served at the party! 🥳🥑 github.com/guacsec/guac

Welcome to the OpenSSF TAC Michael Lieberman!

Kusari's GUACademy is now live! The first video in the series is an introduction to GUAC with other follow on videos that will cover installation to advanced queries. Be sure to subscribe 😉! youtube.com/watch?v=U7jRTZ…

🥑 GUAC has hit 1k Github stars!!! Exactly since 1 year ago since the project started this time last year!!! Big thank you to our community and supporters! star-history.com/#guacsec/guac&…

Brandon Lum and I wrote a book on software supply chain security. Check it out! mng.bz/vPxa. Use code mllieberman for 45% off. It goes from threat model to architecture and talks about many of the OWASP® Foundation, OpenSSF, Christine, and The Linux Foundation tools and frameworks.

We wrote a book about supply chain security! Check it out and use code mileberman for a 45% discount!

📢New in MEAP📢 Securing the Software Supply Chain by Michael Lieberman and Brandon Lum mng.bz/yZYe #SupplyChainSecurity #SBOM #AppSec Secure your entire software supply chain, including the code you write, the libraries you use, and the platforms you run on.

🥑+🤖🧠=🔐 We got a super exciting GUAC community meeting coming up this week... which may or may not feature some LLMs!! Come join us and see some cool demos from Ridwan Hoq Sertaç Özercan and more! Meeting invite details at guac.sh/community

This was a privilege and Gregor Vand was a great host!