Guest post by Aditya Sirish, in-toto maintainer and Cole Kennedy, member of the in-toto steering committee The Integration Revolution Being part of the DevOps world, you’re likely no stranger to the DevSecOps buzz — the strategy of embedding…

The CNCF Technical Oversight Committee (TOC) has accepted the in-toto project as a CNCF incubating project. The in-toto project aims to cryptographically protect the entire software build and delivery process – the “supply chain” – from malicious actors.

The CNCF Technical Oversight Committee (TOC) has voted to accept in-toto as a CNCF incubating project.  in-toto is a framework that protects the software supply chain by collecting and verifying relevant data. It does so by enabling libraries…

Cloud native technology continues to make an impact across industries and geographies SAN FRANCISCO, Calif. – October 18, 2023 – The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced today that 36…

Community post by KubeEdge SIG-Security (Reprinted from the KubeEdge blog) In July 2022, the KubeEdge community completed a third-party security audit of KubeEdge[2] and released a paper on cloud native edge computing security threat analysis and protection. Based…

Guest post originally published on SparkFabrik’s blog Containerized applications are becoming increasingly more common, and with their deployment comes an increased need to ensure adequate container security and resilience of the software supply chain. In this article, we will…

Guest post originally published on the Cloudsmith blog by Ciara Carey Ciara lists 10 ways to make your software pipelines more transparent and observable to gain insights, identify unusual behavior and possibly prevent a software supply chain attack….

The CNCF Technical Oversight Committee (TOC) has voted to accept Kyverno as a CNCF incubating project.  Kyverno is a policy engine designed for Kubernetes. Policies provide security and automation and simplify managing Kubernetes configurations across developers, operators, and…

Guest post originally published on the Mia-Platform blog by Giulio Roggero, CTO, Mia-Platform We live in an ever‑changing world where technology plays a key role in evolution. The ultimate expression of this concept is KubeCon Valencia, the flagship event…

The CNCF Technical Oversight Committee (TOC) has voted to accept KubeVirt as a CNCF incubating project.  KubeVirt enables users to run virtual machine workloads on top of Kubernetes in a Kubernetes-native way. It allows the migration of legacy…