- OpenPubKey and Sigstore
by dlor on 10/6/23, 3:12 AM, with comments
- The Tyranny of Nits
by dlor on 9/30/23, 2:09 PM, with comments
- CVSS 4.0 Is Here, but Prioritizing Patches Still a Hard Problem
by dlor on 7/24/23, 3:58 PM, with comments
- CWE Top Most Dangerous Software Weaknesses
by dlor on 7/13/23, 10:57 AM, with comments
- The EU’s Product Liability Directive could kill open source
by dlor on 7/10/23, 4:19 PM, with comments
- Elastic Stack container images signed with Sigstore
by dlor on 6/30/23, 11:24 AM, with comments
- Shrink to Secure: Kubernetes and Secure Compact Containers
by dlor on 6/29/23, 12:39 PM, with comments
- Supply chain security for Go, Part 2: Compromised dependencies
by dlor on 6/24/23, 12:48 AM, with comments
- The Principle of Minimalism
by dlor on 6/22/23, 5:40 PM, with comments
- Fully bootstrapping Java from source in Wolfi
by dlor on 6/2/23, 4:50 PM, with comments
- Removing PGP from PyPI
by dlor on 5/23/23, 2:09 PM, with comments
- Sigstore: Roots of Trust for Software Artifacts
by dlor on 5/15/23, 1:39 PM, with comments