Submit your talk for SecureChainCon 2025 by April 1.
Read More
Alpha-Omega has provided a grant for three months of full-time work to improve the Jenkins implementation of Content Security Policy.
Read More
Learn how to run vulnerability scanning on container images with Shipwright while building those images.
Read More
Couldn't attend SecureChainCon? Read the event wrap up and watch the recordings.
Read More
Welcome to SecureChainCon, the ultimate online conference designed to foster knowledge sharing, and explore the challenges of implementing software supply chain security practices into fragmented, decoupled architectures.
Learn more:Â https://ortelius.io/blog/2024/
Call for Papers
CFP is open until March 25.
Everyone is welcome to submit talks for SecureChainCon. Tracks include:
- Use Cases on Open-Source Security Tools and the DevOps Pipeline
- Threat Modeling and data generation from the DevSecOps Pipeline
- Understand the Blockers, Drivers, and Solutions for making the software supply chain more secure
- Compliance and Governance Tools and KPIs
First-time presenters are encouraged to submit talks.
Here are some key findings from the State of Continuous Delivery Report 2023
Read More
What is OCI (Open Container Initiative)? Learn about it and the Image Spec feature, called OCI image layout.
Read More
Supply chain security is top of mind for organizations looking to avoid being victims to the next Solar Winds type of supply chain attack. Pyrsia, CDF’s newest incubating project, seeks to address this issue by creating a decentralized package management network. Built-in Rust, Pyrsia’s entire codebase will be open source, uses consensus for acceptance of packages to the network, and features an immutable transaction ledger. Learn about these components and more during our next CDF Meetup with the team behind Pyrsia.
Register for this online meetup at:Â https://us02web.zoom.us/webinar/register/WN_-53N0HsDR–XnT6xaDWmLg
Learn what event-driven software production could mean for creating and deploying mobile network software and how it could lead to an interoperability-in-a-box future.
Read More
JFrog’s Pyrsia initiative incubating under CD Foundation
The liquid software company JFrog has announced that Pyrsia, an open-source software community initiative that utilizes blockchain technology in order to secure software packages, is now an incubating project under the Continuous Delivery Foundation.
“We’re excited to join our long-time partners at the CD Foundation in creating a groundswell around Pyrsia to further its mission to better secure the software supply chain,” said Stephen Chin, VP of developer relations at JFrog and governing board member for the CD Foundation. “With the CD Foundation’s support, and that of our incredible industry partners, developers can leverage Pyrsia to have peace-of-mind in knowing their open source components have not been compromised, and confidently deliver secure software at scale.”
