Software supply chain quickly became a hot topic in the last few years, especially as the number of high-profile attacks increased and the White House got involved. Sigstore, an open source project ...

Container orchestrator Kubernetes will now include cryptographically signed certificates, using the Sigstore project created last year by the Linux Foundation, Google, Red Hat and Purdue University, ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

One of the great virtues of open-source software – which is that anyone can contribute – is also one of its greatest weaknesses. The issue is that supply-chainlike process by which projects involving ...

The Linux Foundation, Red Hat, Google, and Purdue have unveiled the free 'sigstore' service that lets developers code-sign and verify open source software to prevent supply-chain attacks. As ...

Following the 2020 SolarWinds cyberespionage campaign, in which Russian hackers slipped tainted updates into a widely used IT management platform, a series of further software supply chain attacks ...

After being instrumental in launching the Kubernetes open source project, Kubernetes co-founders Craig McLuckie and Joe Beda left Google to launch Heptio in 2016. They then sold the company to VMware ...

Kubernetes co-founder Craig McLuckie and Sigstore founder Luke Hinds today announced the launch of a new software supply chain company called Stacklok, after the company raised $17.5 million in ...

Notable incidents such as SolarWinds and Log4j have placed a focus on software supply chain security. They have also sent security teams in search of tools to ensure the integrity of software from ...

Russia's historically destructive NotPetya malware attack and its more recent SolarWinds cyberespionage campaign have something in common besides the Kremlin: They're both real-world examples of ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Vivek Yadav, an engineering manager from ...