Don't miss Tracy Ragan and Dadisi Sanyika at DevOps Goes Native on Sept 25.
Read More
Submit your talk for SecureChainCon 2025 by April 1.
Read More
Alpha-Omega has provided a grant for three months of full-time work to improve the Jenkins implementation of Content Security Policy.
Read More
Learn how to run vulnerability scanning on container images with Shipwright while building those images.
Read More
Couldn't attend SecureChainCon? Read the event wrap up and watch the recordings.
Read More
Welcome to SecureChainCon, the ultimate online conference designed to foster knowledge sharing, and explore the challenges of implementing software supply chain security practices into fragmented, decoupled architectures.
Learn more: https://ortelius.io/blog/2024/
Call for Papers
CFP is open until March 25.
Everyone is welcome to submit talks for SecureChainCon. Tracks include:
- Use Cases on Open-Source Security Tools and the DevOps Pipeline
- Threat Modeling and data generation from the DevSecOps Pipeline
- Understand the Blockers, Drivers, and Solutions for making the software supply chain more secure
- Compliance and Governance Tools and KPIs
First-time presenters are encouraged to submit talks.
Here are some key findings from the State of Continuous Delivery Report 2023
Read More
What is OCI (Open Container Initiative)? Learn about it and the Image Spec feature, called OCI image layout.
Read More
Supply chain security is top of mind for organizations looking to avoid being victims to the next Solar Winds type of supply chain attack. Pyrsia, CDF’s newest incubating project, seeks to address this issue by creating a decentralized package management network. Built-in Rust, Pyrsia’s entire codebase will be open source, uses consensus for acceptance of packages to the network, and features an immutable transaction ledger. Learn about these components and more during our next CDF Meetup with the team behind Pyrsia.
Register for this online meetup at: https://us02web.zoom.us/webinar/register/WN_-53N0HsDR–XnT6xaDWmLg
Learn what event-driven software production could mean for creating and deploying mobile network software and how it could lead to an interoperability-in-a-box future.
Read More