sigstore
@projectsigstore
sigstore is a non-profit , public good software signing service funded under the OpenSSF. https://t.co/HYGAJ06Z11 [email protected]
ID:1366293442574319617
01-03-2021 07:45:40
1,0K Tweets
4,2K Followers
1 Following
Supply chain security took a giant leap forward this month as Sigstore officially became a graduated project within the OpenSSF. This milestone is a testament to Sigstore’s maturity, adoption. Learn more about Sigstore & how to get involved: openssf.org/blog/2024/03/2…
#OSSSecurity
Next week me and Valentin Hristev will speak about #containers and how to secure deployments and how you can utilize Project Harbor build in features like signing with #cosign from sigstore and implement blocking if Aqua Trivy finds something 🧀 in the image! :) #meetup
Very nice talk by Mihai Maruseac which proposes already existing solutions such as SLSA or sigstore to secure AI/ML the same way as traditional software PackagingCon