HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ktrychon1

38 karmajoined 4 ปีที่แล้ว

Submissions

What AI Sandboxing Means

kenhuangus.substack.com
2 points·by ktrychon1·8 วันที่ผ่านมา·1 comments

New Container Runtime Styrolite

github.com
4 points·by ktrychon1·ปีที่แล้ว·0 comments

[untitled]

2 points·by ktrychon1·2 ปีที่แล้ว·0 comments

Chainguard Open Sources GitHub STS App

github.com
2 points·by ktrychon1·2 ปีที่แล้ว·1 comments

Bazel Ruels for Apko

github.com
1 points·by ktrychon1·3 ปีที่แล้ว·0 comments

Securing AI Container Images

i-programmer.info
2 points·by ktrychon1·3 ปีที่แล้ว·0 comments

Elastic partners with Chainguard on Software Supply Chain security assessment

elastic.co
2 points·by ktrychon1·3 ปีที่แล้ว·0 comments

Open Container Initiative announces upcoming changes for registries

chainguard.dev
59 points·by ktrychon1·3 ปีที่แล้ว·9 comments

Aerospace Village release new badge for DEFCON 31

tindie.com
1 points·by ktrychon1·3 ปีที่แล้ว·1 comments

Cyber experts work to write code in safer languages

washingtonpost.com
2 points·by ktrychon1·3 ปีที่แล้ว·0 comments

GitHub Fixes Information Leak Bug in Its Container Registry

chainguard.dev
1 points·by ktrychon1·3 ปีที่แล้ว·0 comments

What's what with Wolfi, the Linux “undistribution,” and ARM

opensourcewatch.beehiiv.com
4 points·by ktrychon1·4 ปีที่แล้ว·0 comments

Slack Says Hackers Stole Private Source Code Repositories

securityweek.com
8 points·by ktrychon1·4 ปีที่แล้ว·1 comments

Government Workers Facing Seven Years in Prison for Not Updating Software

slate.com
3 points·by ktrychon1·4 ปีที่แล้ว·0 comments

A Year Later, That Brutal Log4j Vulnerability Is Still Lurking

wired.com
4 points·by ktrychon1·4 ปีที่แล้ว·0 comments

[untitled]

1 points·by ktrychon1·4 ปีที่แล้ว·0 comments

Securing the Machine Learning Supply Chain

chainguard.dev
2 points·by ktrychon1·4 ปีที่แล้ว·0 comments

Lessons from Leaked Android Platform Signing Keys

chainguard.dev
3 points·by ktrychon1·4 ปีที่แล้ว·1 comments

Software supply chain security is broader than SolarWinds and Log4j

techcrunch.com
1 points·by ktrychon1·4 ปีที่แล้ว·1 comments

Chainguard Enforce is now available on AWS Marketplace

chainguard.dev
2 points·by ktrychon1·4 ปีที่แล้ว·1 comments

comments

ktrychon1
·2 ปีที่แล้ว·discuss
Octo STS a “Security Token Service” (STS) for GitHub credentials. Using this App, workloads running essentially anywhere that can produce OIDC tokens can federate with this App's STS API in order to produce short-lived tokens for interacting with GitHub.
ktrychon1
·3 ปีที่แล้ว·discuss
This badge is built around the ESP32-S2 microcontroller serving as its own Wi-Fi access point. Additionally, the Wright Flyer badge has expansion capabilities to showcase two of your favorite #SAO.

Upon conclusion of #DEFCON 31, the source code will be made available for anyone who wants to modify and upgrade their very own copy of flight history.

All proceeds will go towards supporting our mission to build an inclusive community & promote knowledge.
ktrychon1
·4 ปีที่แล้ว·discuss
On November 30, 2022, the Android Security and Privacy Team project published a vulnerability report as part of the Android Partner Vulnerability Initiative, which tracks security issues for Android Original Equipment Manufacturers (OEMs).

As attackers increase their sophistication, our defensive technologies for software signing must grow more sophisticated as well. This post focused primarily on the Android ecosystem in light of recent events, but the lessons learned apply to all systems for distributing software securely, including the internal software supply chain of any organization.

To protect yourself, it’s best to use tools with these principles built-in. For instance, Sigstore has transparency as a fundamental component, and uses TUF to manage its own root of trust, ensuring that if the worst were to happen, the project can safely recover.
ktrychon1
·4 ปีที่แล้ว·discuss
The security vendor landscape is selling a pipedream that “scanners” and “software composition analysis” wares can detect all of the critical vulnerabilities at the software artifact level. They don’t.
ktrychon1
·4 ปีที่แล้ว·discuss
Chainguard today announced the availability of Chainguard Enforce on Amazon Web Services (AWS) Marketplace. Chainguard Enforce is a software supply chain risk management platform that helps organizations secure every step of the software development lifecycle, by continuously monitoring security metadata to make real-time policy decisions for container application workloads.

The availability of Chainguard Enforce on AWS Marketplace makes it easier for existing AWS customers, software developers, enterprises and small and mid-sized businesses (SMB) to discover, purchase and deploy Chainguard Enforce in their existing AWS account.