Supply chain security is top of mind for organizations looking to avoid being victims to the next Solar Winds type of supply chain attack. Pyrsia, CDF’s newest incubating project, seeks to address this issue by creating a decentralized package management network. Built-in Rust, Pyrsia’s entire codebase will be open source, uses consensus for acceptance of packages to the network, and features an immutable transaction ledger. Learn about these components and more during our next CDF Meetup with the team behind Pyrsia.
Register for this online meetup at: https://us02web.zoom.us/webinar/register/WN_-53N0HsDR–XnT6xaDWmLg
A community initiative to provide a just and transparent governance model for the Pyrsia Decentralized Package Network brings together companies like Docker, DeployHub, Oracle, and others.
Pyrsia, an open source software community initiative that uses blockchain technology to protect software packages (also known as binaries) from flaws and malicious code, has been accepted as an incubating project by the Continuous Delivery Foundation (CDF). Through the use of a centralised governance mechanism, a clear vision, and widespread participation within the larger technology and open source communities, JFrog and the CD Foundation will collaborate to guarantee Pyrsia develops its support and engagement.
The Continuous Delivery Foundation (CDF) is hosting its CD Summit at KubeCon + CloudNativeCon 2022 in Detroit, Michigan. At the event, the CDF announced a number of major milestones across its projects.
First, it announced that it welcomed the decentralized package network, Pyrsia, into the foundation as an incubating project. Pyrsia was developed by JFrog and it can be used to secure software supply chains by creating a system where there is transparency in package sources. In addition, the distribution of artifacts can be done by anyone instead of just relying on a central place.
JFrog’s Pyrsia initiative incubating under CD Foundation
The liquid software company JFrog has announced that Pyrsia, an open-source software community initiative that utilizes blockchain technology in order to secure software packages, is now an incubating project under the Continuous Delivery Foundation.
“We’re excited to join our long-time partners at the CD Foundation in creating a groundswell around Pyrsia to further its mission to better secure the software supply chain,” said Stephen Chin, VP of developer relations at JFrog and governing board member for the CD Foundation. “With the CD Foundation’s support, and that of our incredible industry partners, developers can leverage Pyrsia to have peace-of-mind in knowing their open source components have not been compromised, and confidently deliver secure software at scale.”
JFrog Ltd. (“JFrog”) (NASDAQ: FROG), the Liquid Software company and creators of the JFrog DevOps Platform, today announced Pyrsia, an open source software community initiative that utilizes blockchain technology to secure software packages (a.k.a. binaries) from vulnerabilities and malicious code, has become an incubating project under the Continuous Delivery Foundation (CDF). Working together, JFrog and the CD Foundation will ensure Pyrsia grows its backing and engagement through the use of a centralized governance model, defined roadmap, and broad representation within the wider technology and open source communities.
Open-source is everywhere, a critical element of nearly every technology in use today.
This also makes it one of the greatest threat vectors. Cyberattackers are increasingly looking to exploit weak chinks — such as critical vulnerabilities, misconfigured services or leaked secrets — across the software supply chain.
“The myriad tools and processes, not to mention the huge amounts of open-source libraries and binaries, all introduce opportunities for accidental and nefarious injection of risk,” said Stephen Chin, VP of developer relations at software supply chain security company JFrog.
JFrog Ltd. announced Pyrsia, an open source software community initiative that utilizes blockchain technology to secure software packages (a.k.a. binaries) from vulnerabilities and malicious code, has become an incubating project under the Continuous Delivery Foundation (CDF). Working together, JFrog and the CD Foundation will ensure Pyrsia grows its backing and engagement through the use of a centralized governance model, defined roadmap, and broad representation within the wider technology and open source communities.