Enforcing image trust on Docker containers using Notary
Guest post originally posted on the Infracloud blog by Frederick Fernando Why worry about software supply chain security? In the past few years, we have seen attacks such as NotPetya and Sunburst, which has shifted the industry’s focus to…
SDxCentral: "CNCF’s latest projects TUF and Notary aimed at security"
The Cloud Native Computing Foundation (CNCF) filled in a missing security component with the inclusion of two new projects under its open source guidance. The CNCF Technical Oversight Committee voted in the security-focused Notary and The…
eWeek: "CNCF brings In Notary, The Update Framework to boost container security"
The Cloud Native Computing Foundation on Oct. 24 announced that it is expanding its project roster with the addition of the Notary container trust project and The Update Framework security effort.
The New Stack: "CNCF brings security to the cloud native stack with Notary, TUF adoption"
The Cloud Native Computing Foundation continues to vigorously build its portfolio of open source cloud-native technologies. CNCF’s Technical Oversight Committee voted to accept both the Docker-developed Notary trusted content framework and the specification Notary was built…
CNCF to host two security projects – Notary and TUF specification
Riyaz Faizullabhoy, Docker Security Engineer, today announced on stage at Open Source Summit Europe, that the Cloud Native Computing Foundation (CNCF) Technical Oversight Committee (TOC) has voted Notary in as our 13th hosted project and TUF…
Metal3.io becomes a CNCF incubating project
The CNCF Technical Oversight Committee (TOC) has voted to accept Metal3.io as a CNCF incubating project. Metal3.io joins a growing ecosystem of technologies tackling real-world challenges at the edge of cloud native infrastructure. What is Metal3.io?…
Exploring Cloud Native Projects in Sandbox: 13 Arrivals from 2024 H2
Originally posted on the Palark blog. This article covers the second half of the new Open Source projects accepted to the CNCF Sandbox last year. They were added as a result of the CNCF TOC (Technical…
Announcing Kyverno Release 1.14!
TL;DR We are excited to announce the release of Kyverno 1.14.0, marking a significant milestone in our journey to make policy management in Kubernetes more modular, streamlined, and powerful. This release introduces two new policy types…
Kubescape becomes a CNCF incubating project
The CNCF Technical Oversight Committee (TOC) has voted to accept Kubescape as a CNCF incubating project. Kubescape is an open-source Kubernetes security project designed to offer comprehensive security coverage throughout the entire development and deployment lifecycle….
We are thrilled to announce the release of Ratify v1.4.0! This milestone release introduces significant new features that enhance Ratify’s capabilities as a trusted supply chain security tool. As always, we deeply appreciate the contributions from the…