As a seasoned Go developer, our CTO, Mikhail Swift, recently explored the transformative impact of the much-awaited generics feature in Go 1.18 through a compelling use case within our Witness project. See what he learned in the full blog post: https://t.co/J8Y9aMylhB
Make sure to head over and star it today to ensure you stay updated with project updates and information. We have room for more "relationships".
Join the #witness community - https://t.co/yXc5MxK2Id
#supplychain #cybersecurity #repo #github
At TestifySec, we're passionate about #softwaresecurity and #supplychainsecurity. But we're also passionate about our families. As the holiday season approaches, remember to prioritize the people who matter most. #familytime
Great blog post by @colek42c published on @testifysec website about comparing #intoto and @projectsigstore; you will find very niche details about them; don't forget to read it
https://t.co/XUMfAAR0iR
Introducing Archivista, a server-side app that helps businesses securely manage their software supply chain data. Protect your supply chain and make confident, informed decisions. Visit our website or contact us to schedule a demo.
https://t.co/VLiXP8hUSf
In the land of TestifySec,
Our products do protect,
Witness and Archivista,
Together a perfect pair,
To help secure your software,
From source to production fair,
And Judge to enforce the rules,
With policies that we can share,
So come and try our tools,
And join us in our quest
At @TestifySec we know that getting compromised can seriously affect organizations. That's why we're dedicated to securing the software supply chain and ensuring the integrity of the software being developed. Don't let your software become a vulnerability - trust TestifySec.
There needs to be more clarity in the Software Supply Chain Security space.
In our latest blog article, we talk about the differences between in-toto and @projectsigstore, and when it is appropriate to use each.
https://t.co/Hk2FwM5h3D
You can now generate in-toto metadata via a GitHub action, thanks to @colek42c's work at @KubeCon_'s in-toto + TUF + @projectsigstore ContribFest! https://t.co/FcgQozh8sF
We just landed initial @witness_dev support for @github.
This uses a preview build of Witness with #Archivist support.
A GitHub attestor and keyless signing should drop before KubeCon. Let me know if you give it a whirl.
https://t.co/VggUp3Bue7
Have you ever wondered how to inventory all the dependencies in a software build?
In this talk, I will showcase how end users can create and use #BPF traces to minimize #CVE false positives and negatives with @witness_dev and @ciliumproject #tetragon
https://t.co/f1PiQqgeJ1
We had a user post an issue that hit an edge case we didn't test for. Our team fixed the issue the next business day, along with unit and integration tests. I couldn't be more proud of our engineering team led by @mikhailswift
I started adding support for the SPIRE delegated identity API to @witness_dev today. This lets us sign attestations based on the shasum of the CI command being run. Great work on this powerful API @SPIFFEio team!
We use @SPIFFEio as a way to distribute trust, using remote attestation in our Judge platform. However, we don't expect our users to understand SPIRE and SPIRE registrations. We are making great progress on federating SPIRE and making registration easy.
https://t.co/XbM7JW1OFy