Level-up Container Security: 4 Open-Source Tools for Secure Software Supply Chain
DEV Community dev.to
In a thought-provoking presentation, Kelsey Hightower compares plugging in a random USB key found at a coffee shop to the common practice of pulling code from GitHub.
What's funny is that while people might give a suspicious look to someone plugging in a random USB key, they often don't think twice about grabbing a container image from a public registry and tossing it into production. But they really should. Lately, there have been a bunch …