HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ktrychon1

38 karmajoined قبل 4 سنوات

Submissions

What AI Sandboxing Means

kenhuangus.substack.com
2 points·by ktrychon1·قبل 8 أيام·1 comments

New Container Runtime Styrolite

github.com
4 points·by ktrychon1·السنة الماضية·0 comments

[untitled]

2 points·by ktrychon1·قبل سنتين·0 comments

Chainguard Open Sources GitHub STS App

github.com
2 points·by ktrychon1·قبل سنتين·1 comments

Bazel Ruels for Apko

github.com
1 points·by ktrychon1·قبل 3 سنوات·0 comments

Securing AI Container Images

i-programmer.info
2 points·by ktrychon1·قبل 3 سنوات·0 comments

Elastic partners with Chainguard on Software Supply Chain security assessment

elastic.co
2 points·by ktrychon1·قبل 3 سنوات·0 comments

Open Container Initiative announces upcoming changes for registries

chainguard.dev
59 points·by ktrychon1·قبل 3 سنوات·9 comments

Aerospace Village release new badge for DEFCON 31

tindie.com
1 points·by ktrychon1·قبل 3 سنوات·1 comments

Cyber experts work to write code in safer languages

washingtonpost.com
2 points·by ktrychon1·قبل 3 سنوات·0 comments

GitHub Fixes Information Leak Bug in Its Container Registry

chainguard.dev
1 points·by ktrychon1·قبل 3 سنوات·0 comments

What's what with Wolfi, the Linux “undistribution,” and ARM

opensourcewatch.beehiiv.com
4 points·by ktrychon1·قبل 4 سنوات·0 comments

Slack Says Hackers Stole Private Source Code Repositories

securityweek.com
8 points·by ktrychon1·قبل 4 سنوات·1 comments

Government Workers Facing Seven Years in Prison for Not Updating Software

slate.com
3 points·by ktrychon1·قبل 4 سنوات·0 comments

A Year Later, That Brutal Log4j Vulnerability Is Still Lurking

wired.com
4 points·by ktrychon1·قبل 4 سنوات·0 comments

[untitled]

1 points·by ktrychon1·قبل 4 سنوات·0 comments

Securing the Machine Learning Supply Chain

chainguard.dev
2 points·by ktrychon1·قبل 4 سنوات·0 comments

Lessons from Leaked Android Platform Signing Keys

chainguard.dev
3 points·by ktrychon1·قبل 4 سنوات·1 comments

Software supply chain security is broader than SolarWinds and Log4j

techcrunch.com
1 points·by ktrychon1·قبل 4 سنوات·1 comments

Chainguard Enforce is now available on AWS Marketplace

chainguard.dev
2 points·by ktrychon1·قبل 4 سنوات·1 comments

comments

ktrychon1
·قبل سنتين·discuss
Octo STS a “Security Token Service” (STS) for GitHub credentials. Using this App, workloads running essentially anywhere that can produce OIDC tokens can federate with this App's STS API in order to produce short-lived tokens for interacting with GitHub.
ktrychon1
·قبل 3 سنوات·discuss
This badge is built around the ESP32-S2 microcontroller serving as its own Wi-Fi access point. Additionally, the Wright Flyer badge has expansion capabilities to showcase two of your favorite #SAO.

Upon conclusion of #DEFCON 31, the source code will be made available for anyone who wants to modify and upgrade their very own copy of flight history.

All proceeds will go towards supporting our mission to build an inclusive community & promote knowledge.
ktrychon1
·قبل 4 سنوات·discuss
On November 30, 2022, the Android Security and Privacy Team project published a vulnerability report as part of the Android Partner Vulnerability Initiative, which tracks security issues for Android Original Equipment Manufacturers (OEMs).

As attackers increase their sophistication, our defensive technologies for software signing must grow more sophisticated as well. This post focused primarily on the Android ecosystem in light of recent events, but the lessons learned apply to all systems for distributing software securely, including the internal software supply chain of any organization.

To protect yourself, it’s best to use tools with these principles built-in. For instance, Sigstore has transparency as a fundamental component, and uses TUF to manage its own root of trust, ensuring that if the worst were to happen, the project can safely recover.
ktrychon1
·قبل 4 سنوات·discuss
The security vendor landscape is selling a pipedream that “scanners” and “software composition analysis” wares can detect all of the critical vulnerabilities at the software artifact level. They don’t.
ktrychon1
·قبل 4 سنوات·discuss
Chainguard today announced the availability of Chainguard Enforce on Amazon Web Services (AWS) Marketplace. Chainguard Enforce is a software supply chain risk management platform that helps organizations secure every step of the software development lifecycle, by continuously monitoring security metadata to make real-time policy decisions for container application workloads.

The availability of Chainguard Enforce on AWS Marketplace makes it easier for existing AWS customers, software developers, enterprises and small and mid-sized businesses (SMB) to discover, purchase and deploy Chainguard Enforce in their existing AWS account.