rekor

Help Measure CRA Awareness: Take the 2026 Cyber Resiliency Survey

Dec 19

Catching Malicious Package Releases Using a Transparency Log

By OpenSSF Blog, Guest Blog

Trail of Bits, with funding from OpenSSF, is improving Sigstore’s rekor-monitor to help maintainers detect malicious package releases, monitor signing identities, and strengthen software supply chain security using transparency logs.

Oct 15

Love0

Announcing the Sigstore Transparency Log Research Dataset

By OpenSSF Blog, Guest Blog, Sigstore

We’re pleased to announce the creation of a new BigQuery public dataset, rekor. The rekor dataset is an easily-queryable mirror of the public good instance of Sigstore’s transparency log, Rekor.

Catching Malicious Package Releases Using a Transparency Log

Announcing the Sigstore Transparency Log Research Dataset

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox