Aug 27, 2024
Innovative Supply Chain Security for Enterprise Cloud Platform Service
This blog explores how Guidewire Cloud Platform is using and collaborating with GUAC. Read more.
Jun 4, 2024
OpenSSF Case Study: Enhancing Open Source Security with Sigstore at Stacklok
Stacklok was founded in 2023 by Craig McLuckie (co-creator of Kubernetes) and Luke Hinds (creator of the OpenSSF project Sigstore), with the goal of helping developers produce and consume open source software more safely. Read more.
May 24, 2024
Introducing Artifact Attestations—Now in Public Beta
There’s an increasing need across enterprises and the open source ecosystem to have a verifiable way to link software artifacts back to their source code and build instructions. And with more than 100 million developers building on GitHub, we want to ensure that developers have the tools needed to help… Read more.
Mar 25, 2024
How Intel Uses OpenSSF Scorecard To Better Secure Its Software Portfolio
Scorecard is an automated tool from the OpenSSF that assesses 19 different vectors with heuristics ("checks") associated with important software security aspects and assigns each check a score of 0-10. You can use these scores to understand specific areas to improve in order to strengthen the security posture of your… Read more.
Feb 16, 2024
Scaling Up Supply Chain Security: Implementing Sigstore for Seamless Container Image Signing
In this post, we will explore how Yahoo leverages Sigstore, in concert with Athenz, an open source platform for managing X.509 certificates, as an internal Certificate Authority, to sign and verify container images. Read more.
Mar 20, 2023
Improving Supply Chain Security: IBM as a user and a contributor to Open Source Security Foundation Scorecard
Scorecard is becoming a key part of IBM’s review and curation of the open-source software in our products and services. IBM is committed to helping address the systemic security issues in modern SW supply chains and believes an important part of this effort is to help the open-source ecosystem improve… Read more.