Newsletter of Carlos Santana - Issue #8
2021-09-16
News
A new type of supply-chain attack with serious consequences is flourishing | Ars Technica — arstechnica.com New dependency confusion attacks take aim at Microsoft, Amazon, Slack, Lyft, and Zillow.
Introducing sigstore: software signing for the masses | Red Hat Emerging Technologies — next.redhat.com Open source software supply chains are exposed to multiple hacking risks, often with potentially disastrous outcomes considering the proliferation of open source in all sectors of industry. This is…
sigstore — sigstore.dev A non-profit, public good software signing & transparency service
Assets
Kubernetes Podcast from Google: Episode 141 - Crossplane, with Daniel Mangum — kubernetespodcast.com Crossplane lets you automate creation of infrastructure using Kubernetes APIs. Daniel Mangum is a Crossplane maintainer working at its creator Upbound, a TL of Kubernetes SIG Release, and a YouTube streaming star. He chats about tech with host Craig Box, who is helped this week by returning guest Ken Massada from GKE's Support team.
SecurityAutomation · jhermann/jhermann.github.io Wiki · GitHub — github.com :globe_with_meridians: My gh-pages @ . Contribute to jhermann/jhermann.github.io development by creating an account on GitHub.
GitHub - tern-tools/tern: Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials (SBoM) for container images and Dockerfiles. — github.com Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBoM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more. - tern-tools/tern
GitHub - dragonflyoss/image-service: Dragonfly image service, providing fast, secure and easy access to container images. — github.com Dragonfly image service, providing fast, secure and easy access to container images. - dragonflyoss/image-service
Open Source solutions for chaos engineering in Kubernetes – Flant blog — blog.flant.com This article reviews existing tools for implementing chaos engineering in K8s including kube-monkey, chaoskube, Chaos Mesh, Litmus Chaos, Chaos Toolkit, some games, and even more.
Compose cloud infrastructure and services into custom platform APIs Compose cloud infrastructure and services into custom platform APIs
IBM joins the Crossplane community – IBM Developer — developer.ibm.com IBM joins the Crossplane Community to advance the development of hybrid cloud application platforms.