Gear case

Second Front Systems Announces Partnership with Chainguard

Retrieved on: 
Tuesday, April 2, 2024
Government, Software as a service, Unitary state, Entrepreneurship, Gear case, Livestreaming, Partnership, Accreditation, Software, 2F, Workload

WILMINGTON, Del., April 2, 2024 /PRNewswire/ -- Second Front Systems (2F), a public-benefit software company focused on facilitating the delivery of mission-critical software solutions, announced today a strategic partnership with Chainguard, a leading software supply chain security company. This partnership will provide 2F's customers with access to a custom registry of secure, minimal container images, accelerating their accreditation journey as they look to serve government end users.

Key Points: 
  • WILMINGTON, Del., April 2, 2024 /PRNewswire/ -- Second Front Systems (2F), a public-benefit software company focused on facilitating the delivery of mission-critical software solutions, announced today a strategic partnership with Chainguard, a leading software supply chain security company.
  • This partnership will provide 2F's customers with access to a custom registry of secure, minimal container images, accelerating their accreditation journey as they look to serve government end users.
  • This first-of-its-kind partnership will bolster 2F's Game Warden platform, which delivers commercial SaaS technology to the government with built-in accreditation.
  • "By leveraging the registry, Second Front's customers can spend more time developing and deploying mission-critical solutions in compliance with industry standards."

Second Front Systems Announces Partnership with Chainguard

Retrieved on: 
Tuesday, April 2, 2024
Government, Software as a service, Unitary state, Entrepreneurship, Gear case, Livestreaming, Partnership, Accreditation, Software, 2F, Workload

WILMINGTON, Del., April 2, 2024 /PRNewswire/ -- Second Front Systems (2F), a public-benefit software company focused on facilitating the delivery of mission-critical software solutions, announced today a strategic partnership with Chainguard, a leading software supply chain security company. This partnership will provide 2F's customers with access to a custom registry of secure, minimal container images, accelerating their accreditation journey as they look to serve government end users.

Key Points: 
  • WILMINGTON, Del., April 2, 2024 /PRNewswire/ -- Second Front Systems (2F), a public-benefit software company focused on facilitating the delivery of mission-critical software solutions, announced today a strategic partnership with Chainguard, a leading software supply chain security company.
  • This partnership will provide 2F's customers with access to a custom registry of secure, minimal container images, accelerating their accreditation journey as they look to serve government end users.
  • This first-of-its-kind partnership will bolster 2F's Game Warden platform, which delivers commercial SaaS technology to the government with built-in accreditation.
  • "By leveraging the registry, Second Front's customers can spend more time developing and deploying mission-critical solutions in compliance with industry standards."

Chainguard joins Docker Verified Publisher program to offer developers everywhere access to secure, hardened container images

Retrieved on: 
Thursday, March 14, 2024
Node, Gear case, Partnership, Java, Gentlemen's agreement, FedRAMP, Python, SLA, DVP, CVE, Online shopping

KIRKLAND, Wash., March 14, 2024 /PRNewswire/ -- Chainguard, the leader in software supply chain security, today announced it has joined the Docker Verified Publisher (DVP) program, marking the official availability of its Chainguard Developer Images on the industry's most popular container image registry.

Key Points: 
  • KIRKLAND, Wash., March 14, 2024 /PRNewswire/ -- Chainguard , the leader in software supply chain security, today announced it has joined the Docker Verified Publisher (DVP) program, marking the official availability of its Chainguard Developer Images on the industry's most popular container image registry.
  • With this new partnership, Chainguard Developer Images are giving Docker Hub users access to secure, minimal container images for its growing inventory of popular cloud-native and open source projects, including Python, Node, Java and more.
  • The Docker Verified Publisher program is a key part of Docker's mission to provide a broad range of trusted, high quality content," said Justin Cormack, CTO, Docker.
  • "We welcome Chainguard to the DVP program, giving more options for a range of minimal, hardened images to developers."

New Report Shows Disconnect Between Developers and Security Teams on Software Supply Chain Security Priorities and Responsibilities

Retrieved on: 
Wednesday, November 8, 2023
The Harris Poll, Disagreement, Computer security software, Sequoia Capital, Gear case, Government, Work, Security, Organization, SolarWinds, Software, Trust, CISO, Risk, SSDF, Collaboration, Ciso, SLSA, Motion, Communication, Log4j, Developer, Uncertainty, Fatigue, Online shopping, Risk management, Cryptocurrency, Medical device

KIRKLAND, Wash., Nov. 8, 2023 /PRNewswire/ -- Chainguard, the leading software supply chain security company, today released the results of its inaugural report on the perspectives of CISOs and developers when it comes to tackling software supply chain security within their organization.

Key Points: 
  • The 2023 CISO & Developer Trends in Software Supply Chain Security Report , conducted by The Harris Poll, surveyed 520 security decision-makers (n=268) and developers (n=252) on how the different roles view overall responsibilities and expectations for software supply chain security, the importance of software supply chain security, and the pain points and successes in each team's approach to software supply chain security.
  • Despite disagreements on how each team views the other's security prowess or understanding of tooling, software supply chain security is a top priority for developers and security teams alike.
  • According to the report, in alignment with the importance already placed on software supply chain security by developers and CISOs, most say that their organizations already have some tools in place to address software supply chain security.
  • In addition to the existing adoption of software supply chain security tooling and frameworks, CISOs and developers expect changes to come in the next five years for software supply chain security at their organizations.

Chainguard Raises $61 Million Series B Round as Enterprises Move to Fortify Open Source Software

Retrieved on: 
Wednesday, November 1, 2023
Okta, FedRAMP, Replicant (operating system), Spark Capital, Goldman Sachs, ARR, Engineering, Gear case, Wiz, Snowflake, Organization, General partnership, Research, Software, Security, Hewlett Packard Enterprise, Growth, Sequoia Capital, Chain smoking, API, Love, Senior, Fortune 500, Cryptocurrency, Risk management, Canonical

KIRKLAND, Wash., Nov. 1, 2023 /PRNewswire/ -- Chainguard, the leader in software supply chain security, today announced it has completed a $61 million Series B round of funding led by Spark Capital and existing investors Sequoia Capital, Amplify Partners, The Chainsmoker's Mantis VC, and Banana Capital.

Key Points: 
  • "The future is clear - if you adopt open source software you are responsible for securing it.
  • Chainguard is on a mission to be the safe source for open source that every organization building software today can rely on to build right, build safe and build fast," said Dan Lorenc, CEO and Co-founder of Chainguard.
  • "Enterprises do not want another software security tool, they want secure software," said Clay Fisher, General Partner at Spark Capital.
  • There is nothing like Chainguard in the market today and we could not be more excited to support them on their important mission to be the safe source for open source software."

OpenSSF Announces SLSA Version 1.0 Release

Retrieved on: 
Wednesday, April 19, 2023
Henry Ford Technical Fellow, VMware, IBM, Partnership, Gear case, Open innovation, CISO, Microsoft, ActiveState, Organization, Kusari, Open source, Risk, Red Hat, Intel, Open Source Security Foundation, Supply, Artifact, Empowerment, SLSA, Safety, Software, Medical device, Online shopping, Video game, Renewable energy

SAN FRANCISCO, April 19, 2023 /PRNewswire/ -- The Open Source Security Foundation (OpenSSF) is proud to announce the release of version 1.0 of Supply-chain Levels for Software Artifacts (SLSA, pronounced "salsa"). SLSA is an OpenSSF project that provides specifications for software supply chain security, established by community expert consensus. SLSA's framework is organized into a series of levels that describe increasing security rigor, designed to give confidence that software hasn't been tampered with and can be securely traced back to its source. SLSA is a supply chain security language that everyone can speak to help identify where software stands and how to mature their security posture.

Key Points: 
  • Framework for Improving Software Supply Chain Security Announces Stable Release, Helps Secure Builds Against Supply Chain Attacks
    SAN FRANCISCO, April 19, 2023 /PRNewswire/ -- The Open Source Security Foundation (OpenSSF) is proud to announce the release of version 1.0 of Supply-chain Levels for Software Artifacts ( SLSA , pronounced "salsa").
  • SLSA is an OpenSSF project that provides specifications for software supply chain security, established by community expert consensus.
  • "The OpenSSF is working hard to put more rigor into the software development process," said Brian Behlendorf, General Manager of the OpenSSF.
  • - Bruno Domingues, CTO - Worldwide Financial Services and Principal Engineer, Intel
    As a member of the SLSA steering committee, I am thrilled to see the release of SLSA 1.0.

Three Companies Offering Software Supply Chain Management Solutions for Open Source Software Named IDC Innovators

Retrieved on: 
Wednesday, February 15, 2023
Supply Chain Management, Professional Services, Retail, Technology, Software, Consulting, OSS, Organization, DevOps, Artifact, IDC, Gear case, Acquisition, Maintenance, Database, Doc, Risk, Policy, Knowledge, International Data Group, Supply, SLSA, Online shopping, Risk management, Medical device

International Data Corporation ( IDC ) today published an IDC Innovators report profiling three start-up companies offering enhanced capabilities for open source software supply chain management that extend beyond static software bills of materials (SBOMs).

Key Points: 
  • International Data Corporation ( IDC ) today published an IDC Innovators report profiling three start-up companies offering enhanced capabilities for open source software supply chain management that extend beyond static software bills of materials (SBOMs).
  • Open source software (OSS) has become increasingly popular in the development of new commercial products as well as internally-developed software solutions for enterprises.
  • "The time has come for organizations to get serious about securing the supply chain of open source software components, tools, or applications they may be using from public repositories," said Al Gillen , group vice president, Software Development and Open Source at IDC.
  • The report, IDC Innovators: Open Source Software Supply Chain Security, 2023 (Doc #US50138923), profiles three companies that help customers manage the security of the software supply chain of open source components used in their software development and deployment operations.

Sigstore Announces General Availability at SigstoreCon

Retrieved on: 
Tuesday, October 25, 2022
Edgeless, Adoption, News, ONAP, Python Software Foundation, Trust, API, Open source, Purdue University, General manager, Linux, Red Hat, Organization, Node.js, Linux Foundation, Privacy, Program, Open Source Security Foundation, Gear case, Partnership, History, Technology, Senior, Bachelor of Engineering, Software, CEO, Ecosystem, Face, GitHub, PyTorch, Artifact, Shopify, CTO, Ruby, Trail, Documentation, SLO, Online shopping, Risk management, Renewable energy, Cryptocurrency, Hyperledger, Autodesk, Google

DETROIT, Oct. 25, 2022 /PRNewswire/ -- Today at SigstoreCon, the Sigstore community announced the general availability of its free software signing service giving open source communities access to production-grade stable services for artifact signing and verification. Sigstore provides a set of tools designed to improve supply chain security by making it easy to sign, verify and check the software developers are building and consuming.

Key Points: 
  • DETROIT, Oct. 25, 2022 /PRNewswire/ --Today at SigstoreCon, the Sigstore community announced the general availability of its free software signing service giving open source communities access to production-grade stable services for artifact signing and verification.
  • In the face of increasing software supply chain security concerns, Sigstore is quickly becoming one of the fastest adopted open source technologies in history.
  • "Kudos to the Sigstore developers, advocates, and other contributors to getting not just to 1.0, but already to widespread implementation and impact."
  • "This general availability milestone, and the related v1.0 releases, unlock wider use of transparent digital signatures across the software supply chain," said Bob Callaway, co-founder of Sigstore and Tech Lead & Manager of Google's Open Source Security Team.

Chainguard Announces New Products and a Free Academy to Help Developers Secure the Software Supply Chain

Retrieved on: 
Thursday, September 22, 2022
Software, Super Mario, Adoption, U.S. Venture Partners, Entrepreneurship, Styra, IBM, Hope, SLSA, Organization, The Chainsmokers, Partnership, Linux Foundation, Sequoia Capital, Government, Vault, CEO, Goal, UI, Science and technology in Asia, Metadata, Rural Institute for Development Education, Gear case, General partnership, Sequoia, Data breach, Fortune 500, Education, Online shopping, Cryptocurrency, Risk management, Linux

KIRKLAND, Wash., Sept. 22, 2022 /PRNewswire/ -- Chainguard, the first developer platform for software supply chain security, today announced Wolfi, a new community Linux (un)distribution that combines the best aspects of existing container base images with default security measures that will include software signatures powered by Sigstore, provenance, and software bills of material (SBOM). The company today also announced Chainguard Academy, the first free, open source and interactive educational platform designed for software supply chain security, and the general availability of Chainguard Enforce, the company's comprehensive software supply chain risk management platform.

Key Points: 
  • The company today also announced Chainguard Academy , the first free, open source and interactive educational platform designed for software supply chain security, and the general availability of Chainguard Enforce , the company's comprehensive software supply chain risk management platform.
  • Chainguard's secure developer platform is a direct reflection of our mission to make the software supply chain secure by default by helping developers improve software security from source to production."
  • To help close this gap, Chainguard Academy will deliver critical educational resources at no cost to enable developers to get hands-on with software supply chain security tooling and recommended practices.
  • Chainguard is the first developer platform for software supply chain security, enabling developers everywhere to ship secure software.

Edgeless Systems Releases First Runtime-Encrypted Kubernetes as Open Source

Retrieved on: 
Tuesday, September 13, 2022
Edgeless, Constellation, Cloud, Adoption, Rest, OpenStack, Ego, AWS, CNCF, Intellectual property, Microsoft, GitHub, CEO, Confidentiality, Cloud computing, APTS, CSPS, Gear case, Azure, Artifact, Software as a service, Google Cloud Platform, Video game console, Cryptocurrency, Kubernetes

BOCHUM, Germany, Sept. 13, 2022 /PRNewswire/ -- Edgeless Systems, a pioneering Confidential Computing company that is turning the public cloud into the safest place for sensitive data, today announced the open source release of Constellation, the first Confidential Kubernetes. Constellation allows anyone to keep their Kubernetes clusters verifiably shielded from the underlying cloud infrastructure and encrypted end-to-end. It is available now on GitHub and comes with new unique features such as "whole cluster" attestation.  

Key Points: 
  • BOCHUM, Germany, Sept. 13, 2022 /PRNewswire/ -- Edgeless Systems, a pioneering Confidential Computing company that is turning the public cloud into the safest place for sensitive data, today announced the open source release of Constellation, the first Confidential Kubernetes.
  • "Edgeless Systems is building the open source infrastructure for the Confidential Computing revolution," said Felix Schuster, CEO, Edgeless Systems.
  • Edgeless Systems is releasing new features with the open source Constellation, including Sigstore -based attestation of Kubernetes nodes and artifacts, and automatic and config-free encryption of cloud storage and all node-to-node networking.
  • It is also home to open source tools that include EdgelessDB, MarbleRun and EGo.