Stacklok

When I met my co-founder, @Luke Hinds, it was evident we had a shared purpose to bridge open source producers and consumers, and that required deeper trust in open source. Here’s the story of Stacklok in 60 seconds. Note: I’ve decided to start experimenting with video, capturing my thoughts on specific topics from start-up life to software supply chain security. I’d welcome your feedback, your questions or a follow-up conversation.

My talk from SOSS fusion about Minder and the OpenSSF Security Baseline is online. It's brief, but it covers some of the fundamentals we're grouping to guide OSS projects on their security journey and how Minder, the youngest member of the OpenSSF family and originally created at Stacklok can help. https://lnkd.in/ecPMdCYs

Minder Monday: Writing Rules & Profiles in Minder 🗓️ November 18, 2024 🕰️ 7am PT | 8am CT | 10am ET | 3pm GMT | 5pm EET -------------------------------------------- What is Minder? Minder is an OpenSSF Sandbox project within the Security Tooling Working Group. Minder is a supply chain security platform to enable teams and organizations to define security policies in a consistent way across multiple supply chain assets. Minder helps project owners proactively manage their security posture by providing a set of checks and policies to minimize risk along the software supply chain, and attest their security practices to downstream consumers. The goal is to make it easy and efficient to adopt existing security tools across many users. Session Details: Join Juan Antonio “Ozz” Osorio, Staff Engineer at Stacklok, as he dives into the some key vocabulary for the project, how Minder works, prerequisites, and then how you too can write your own rules and profiles. About our Speaker: Juan Antonio "Ozz" Osorio is a Mexican software engineer living in Finland. He has worked in security with cloud-related open source projects such as OpenStack and Kubernetes, as well as security for bare metal environments. He's currently working at Stacklok building tools to make software supply chain security easier and friendlier.

At Stacklok, we are huge believers in open source software and the mission of the Open Source Security Foundation (OpenSSF). That’s why we are so excited to announce that our project, Minder, has been accepted into the OpenSSF sandbox. Minder helps organizations make better use of existing security tools and consistently apply policy across the software development lifecycle. I encourage you to read my co-founder, Luke’s, blog post to learn more and then get hands on with Minder today! https://lnkd.in/g_yG6zxR

🎉 Welcome to the OpenSSF family, Minder! 📣 Stacklok is contributing Minder to OpenSSF as a sandbox project! Minder streamlines #OSSSecurity, auto-remediates issues, and flags key risks for devs & security teams. 🔍 Learn more about Minder: https://lnkd.in/ePuBexah #OpenSSF #OpenSource #minder

Thank you Stacklok for sponsoring #AllThingsOpen at the Silver Level! Their support helps us keep our prices low. Come learn from 200+ speakers & talks, covering all the important #OpenSource topics on one schedule for just $297! https://buff.ly/3LXVa3S

An Introduction to Minder 🗓️ October 14, 2024 🕰️ 7am PT | 10am ET | 3pm BST | 5pm EEST -------------------------------------------- Minder is a supply chain security platform to enable teams and organizations to define security policies in a consistent way across multiple supply chain assets. Minder helps project owners proactively manage their security posture by providing a set of checks and policies to minimize risk along the software supply chain, and attest their security practices to downstream consumers. The goal is to make it easy and efficient to adopt existing security tools across many users. Register your repositories and set guidelines to keep all your repos and artifacts consistent and secure. Policies can either send out alerts or fix problems automatically. There's a predefined set of rules, but you can also customize them to fit your specific needs. Join Juan Antonio “Ozz” Osorio, Staff Engineer at Stacklok, as he walks you through a high level overview of Minder, how it works, it’s features, benefits, and how you can get started with Minder OSS or Minder Cloud today! -------------------------------------------- About our Speaker: Juan Antonio "Ozz" Osorio is a Mexican software engineer living in Finland. He has worked in security with cloud-related open source projects such as OpenStack and Kubernetes, as well as security for bare metal environments. He's currently working at Stacklok building tools to make software supply chain security easier and friendlier.

Join Stacker Juan Antonio "Ozz" Osorio for an Intro to Minder today at 10am ET / 3pm BST / 5pm EEST to get a high-level overview and demo of the project. See you there! #SupplyChainSecurity #DevSecOps #ShiftLeft

Check out the latest edition of This Month in Minder, highlighting our latest project updates and community contributions! Along with new feature highlights, Stacklok is thrilled to welcome Vyom Yadav as the first external maintainer for #Minder! Read all about it on the Stacklok blog: https://lnkd.in/eWQEaRCT

Following up from a huge gathering last night DevSecOps - London Gathering Already looking at how we can learn from and adopt some of these practices. Brilliant, engaging and informative talks from ControlPlane, Google and Stacklok A huge thanks to all for an excellent event.