The Kusari Edge

October

2024

ICYMI: Noteworthy Headlines 🗞️

Security spending plans reflect a major shift in the CISO role, according to CSO Online
There’s a new Cybersecurity, Privacy, and AI program from NIST that will help align AI and the Cybersecurity Framework (CSF) 2.0
Do you author plugins and themes on WordPress? Time to get 2FA in order based on the new security changes from WordPress.org
SLSA can help developers secure their software supply chain; read this Trail of Bits blog to learn about SLSA compliance levels and how they can apply to your project

GUAC goes beyond security–watch the recent CNCF Cloud Native Live to see this open source project discover licenses and act as a Kubernetes admission controller
Maintainers release updates and bug fixes in GUAC v0.8.6, plus you’re invited to contribute with us in Hacktoberfest
GUAC Visualizer–an experimental utility for GUAC–has been updated; v0.4.5 now available

We think the NTIA backing of open source AI is good for security; read why in Security Boulevard
New to the software supply chain arena? Check out our Learning Hub for answers to questions like what's a "bottom turtle" and other common terms
Hear from our CTO and Co-Founder, Michael Lieberman, and fellow open source and security experts about software supply chain issues and best practices in this replay from Open Source Summit EU

Oct. 21-24 > SecTor - GUAC in the Arsenal with Parth Patel
Oct. 23-24 > SOSS Fusion - Scorecard at Scale: Old & New Possibilities for Lifting Security on all Repos with Jeff Mendoza and Stephen Augustus (Cisco)
Nov. 11 > Cloud Native Rejekts - Papers, Please: Scrutinizing AI Model Creation with Parth Patel and Miahi Maruseac (Google)
Nov. 12 > SigstoreCon Supply Chain Day - grab a coffee on Kusari
Nov. 12-15 > KubeCon + CloudNativeCon NA - Come see us at Booth Q37 for lively conversations, demos, book signings and plenty of swag!

Dig into the meaty learnings from this year’s Atlassian State of Developer Experience Report
ISC2 releases a first look at the findings from their 2024 Cybersecurity Workforce Study