The Kusari Edge

• The World Economic Forum released its Global Cybersecurity Outlook for 2025, filled with learnings about supply chain concerns, AI adoption risks, regulatory and cyber talent shortage challenges 
• Federal agencies required to patch three critical VMware vulnerabilities by March 25 
• Cobalt Strike abuse drops 80% after two-year global crackdown 

• Protect your organization from a supply chain compromise by designing a secure foundation of trust
• Read this two-part series on third-party risk in open source software 
  
  • Analyzing third-party risk in open source software
  • Addressing third-party risk in open source software
• Learn about two key features in our Platform – 
  
  • Kusari Score: Cut through the noise to prioritize which vulnerability to fix next
  • Kusari Effort to Fix: Understand the work involved in remediating a vulnerability so you can schedule it when it’s most efficient

• KubeCon EU in London is around the corner–we can’t wait! See what we’ll be up to: 
  
  • Sign up for our DevSecOnTheRocks party - hosted by Kusari and our friends from ControlPlane, Cloudsmith and Spacelift 
  • Hear our GUAC talks with ControlPlane and ARMO in the Security Track 
  • Attend our Friday keynote to clarify the Cyber Resilience Act
  • Come to Stand #S482 for Kusari demos + GUAC plushies and T’s  

‍

• Miss what happened last month? Read the latest GUAC Update
• GitHub mentioned GUAC Visualizer in their blog post about expanding Dependabot’s reporting

• Are you a project maintainer wondering how to adopt secure practices in your project? The new OSPS Baseline provides tiered guidance