all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Level-up Container Security: 4 Open-Source Tools for Secure Software Supply Chain

Add to bookmarks
Sept. 5, 2023, 8:21 p.m. | Josh Duffney

DEV Community dev.to

In a thought-provoking presentation by Kelsey Hightower, he compares the act of plugging in a random USB key discovered at a coffee shop to the common practice of pulling code from GitHub.


What's funny is that while people might give a suspicious look to someone plugging in a random USB key, they often don't think twice about grabbing a container image from a public registry and tossing it into production. But they really should. Lately, there have been a bunch …

act code coffee container containers container security devops github kelsey hightower key opensource people practice presentation random secure software secure software supply chain security shop software softwareengineering software supply chain supply supply chain thought tools usb

Visit resource

More from dev.to / DEV Community

Understanding JWT: Basics of Authentication and Algorithms an hour ago | dev.to
algorithms authenticate authentication basics +16
@New 4 hours ago | dev.to
build builder class dependency +8
How to Generate Link Previews in React and Nodejs? 6 hours ago | dev.to
availability clicking data development +16
Mastering Secure CI/CD for ECS with GitHub Actions 9 hours ago | dev.to
actions build cicd devops +15
Advantages of Outsourcing Server Management 13 hours ago | dev.to
businesses companies competitive critical +19
Understanding Spillage in Cyber Awareness 15 hours ago | dev.to
awareness can classified cyber +17
Hack4Bengal College Edition 16 hours ago | dev.to
blog college exciting experts +14
What is CISA & How to get certified with CISA? 17 hours ago | dev.to
auditor called can certified +23
Advanced Topics in E2E Testing Introduction 21 hours ago | dev.to
accessibility advanced application applications +22

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité

@ Hifield | Sèvres, France
View on infosec-jobs.com

Infrastructure Consultant

@ Telefonica Tech | Belfast, United Kingdom
View on infosec-jobs.com