Subscribe to the Kusari monthly newsletter

The Kusari Edge

January

2025

ICYMI: Noteworthy Headlines 🗞️

The US Department of the Treasury faced a major information breach by Chinese state-sponsored hackers, which has been confirmed to be limited to the Treasury Department; BeyondTrust updated its public statement on the investigation
More repo protection: BitBucket adds support for signed commits

Latest from Kusari

2025 predictions are out; read what we think the year has in store - plus see how we fared in the 2024 recap
AI alone won’t fix your software supply chain: use it to enhance human decision-making
Threat modeling is key to proactive security; use these benefits and techniques

Upcoming Events 📣

FOSDEM 2025, widely regarded for its influence on open source software, is around the corner; join us in Brussels
- Jan. 31 > Fringe: FOSS license and security compliance tools workshop
- Feb. 2 > Discover Dependence License Information using SBOMs + ClearlyDefined
- Feb. 2 > The Breadth and Depth of SBOMs

What’s up with GUAC? 🥑

GUAC added support for container registries and endoflife.date; read the December 2024 update to learn more
Want to get started with GUAC? Casey Fahey created a hands-on guide
Attend the first community meeting of the year - Thursday, January 16 at 1pm Eastern

Resource of the Month ⚒️

Are your GitHub Actions secure? zizmor can help you improve workflow security