If you crave SLSA and GUAC, this is the place to be! If you crave salsa and guac, this is still the place to be! #KubeConParty @ActiveState @mlieberman85 @controlplaneio https://t.co/ZZ6NE8OgRz

TIL @ConEdison doesn't validate that someone has authorization to request to stop service at an address. Someone was able to request that power be cut off to my house, have it back dated to April and not even have the right account number.

Join us this Thursday July 25 at 12pm ET virtually for a "How to get started in Open Source Software and Cybersecurity" during the #OpenSSF DEI Working Group Community Office Hours! https://t.co/mS7k4VMgEb

I know everyone wants to work on the cool thing or save/make a ton of money by throwing AI at a problem but it's extraordinarily dangerous. How many folks are verifying that the provenance and that the code/training data isn't malicious or vulnerable?

I'm a little bit worried about that the *Open Source* Summit this year contains several talks focusing on proprietary LLMs. I'm not saying that these talks had to be cancelled, but I feel they should be labeled as "Not following the Open Source Definition". cc @linuxfoundation

Learning how to better apply policy to my git repos with gittuf from @adityasaky and @wflynch

Fresh SLSA & GUAC starts with Knowing Your Ingredients at #ossummit @melissajmckay & @mlieberman85

Learn how to integrate #DevSecOps into your #software supply chain to stay ahead of mounting global #threats. https://t.co/wDost4cUUa Via Michael Lieberman, Co-Founder And CTO, Kusari

Upcoming KubeCon + CloudNativeCon dates: 2025 🇬🇧 London, April 1-4 🇺🇸 Atlanta, November 10-13 2026 🇳🇱 Amsterdam, March 23-26 🇺🇸 LA, October 26-29

We're #hiring at the @openssf ! Our mission is to ensure the security of open source software for all. Are you a seasoned Technical Program Manager excited about #cybersecurity and #opensource who wants a full-time #remotejob? Apply:

Come get your signed copy of select chapters of the manning supply chain security book at the @kusaridev booth during the booth crawl at 6pm! With @mlieberman85 and I!

Collaborating with @WhiteHouse, OpenSSF and @LF_Training are excited to announce an initiative for Women’s History Month. This initiative is a testament to our commitment to diversity, equity, and inclusion in the technology and cybersecurity fields.

Congratulations to @falco_org for graduating! 🥳🎓 As @cra said: "#Falco is helping to push advancements in the open source #cloudnative runtime security space with #eBPF..." https://t.co/Hyt4KcZNvv

📣Deal of the Day📣 Feb 8 SAVE 45% on Securing the Software Supply Chain & selected titles: https://t.co/DcpsoLASzY @mlieberman85 @lumjjb #SupplyChainSecurity Secure your entire #softwaresupplychain, including the code you write, libraries you use & the platforms you run on.

#theCUBE recently heard from @intel’s @ArunGupta, who also sits on OpenSSF’s governance board, about its newest scorecard that ranks the security of Github repos and gives concrete suggestions for improvement. 📝Full coverage: https://t.co/VfKIoSBE3m @KubeCon_

Over 22,000 unique GitHub projects are now using Sigstore to sign artifacts and attestations. With 52 million signatures logged post-GA, Sigstore is on a mission to bring verifiable, transparent integrity to every software supply chain. 🛡️ https://t.co/5zy1dffq06 #OSSSecurity

I’ll be at @CloudNativeFdn Kubeday Singapore! Come say hi and chat about open source, supply chain security, zero trust and more!!!

This was a privilege and @GregorVand was a great host!

Today, we unveil version 1.0 of the Top 🔟 Secure Software Development Guiding Principles! These principles set the stage for a more secure software landscape through a set of core practices. Read up and learn more through our latest blog post 👉 https://t.co/VnZjSpxKDD