Real-time supply chain security that connects builds/SBOMs to the kernel, enabling security teams to target & coordinate vulnerability remediation without toil.
EdgeBit is leaning hard into a “find, fix and merge” ethos by introducing Dependency Autofix to our security platform.
Dependency Autofix makes your code branches have the latest & safest set of dependencies, using AI and static analysis under the hood.
https://t.co/fFdaEY5aoJ
EdgeBit now supports syncing workloads from ECS in addition to existing EKS, Kubernetes, EC2 and other Linux workloads. Runtime context is the only way to understand your risk *right now* and powers a highly automated security program.
More: https://t.co/RhrYmyzfw4
We’ve partnered with Vanta to give EdgeBit customers greater context and increased automation around vulnerability management in their compliance programs.
More on the blog or log in to Vanta or EdgeBit to get started.
https://t.co/Pq21yQTO5c
We're looking for a Graduate-level Software Engineering Intern to join the team this summer to focus on code analysis. Ideal candidates have a focus or concentration in programming language theory or compiler construction. See our careers page for more: https://t.co/j58QhIOvbk
Can Linux enforce that a workload's SBOM remains a truthful representation of the running app? EdgeBit authored a paper covering the research to find out.
This will be published in an ACM journal but you can find more detail & background on our blog today https://t.co/6931BWv6RL
EdgeBit is speaking all over at the end of November:
- Nov 16th @ Bay Area SLSA meetup: https://t.co/7cPxayq4ZV
- Nov 17th @ RVA.js conf: https://t.co/kVsypWf27a
- Nov 30th @ ACM Workshop on Software Supply Chain Offensive Research & Ecosystem Defenses: https://t.co/BNG1mKfVWM
A "critical" vuln score is actually a CVSS score. v4 just came out, and we break it down here: https://t.co/Juq0NHS46C
Super excited about bringing more environmental context to scoring. CVSS has its issues, but this is a step in the correct direction.
Software inventory is still hard. Last week's curl and Rapid Reset vulns were a scramble – unless you have an up-to-date inventory and bill of materials for your apps.
✨ Join us at @RedHat @OpenShift Commons Gathering in Raleigh, NC in-person on Wednesday, October 18th at Historic Market Hall! We have a full day of case studies, emerging technologies, and open source updates and what's happening in #AI.✨ https://t.co/uVrGF05xqE #raleigh #tech
A security scanner detects 73 vulnerabilities.
If all CVEs correspond to dormant code… how many issues do you have? 0 or 73?
We used EdgeBit's tracking of base OS vulnerabilities to reverse engineer the patching practices of EKS & GKE to find out.
https://t.co/xyo0CeXBF9
Our CEO @robszumski joined the All Aboard pod to chat about SBOMs, vulnerability management and the latest on government supply chain regulations.
Do you think NIST rolled out supply chain standards correctly? Listen in for Rob's take: https://t.co/LILgecY622
Solving AI dependency sprawl: layers of transitive dependencies make it challenging to understand your risk. EdgeBit prioritization based on real time risk cuts through the noise. Read how: https://t.co/sAh21H8M64
OpenVEX is complementary to SBOMs, allowing suppliers to communicate precise metadata about the vulnerability status of products directly to consumers and end users.
More on this debate with @robszumski of @EdgebitIO and @puerco of @chainguard_dev
https://t.co/coUjtPdGrE
Introducing EdgeBit Components: a stream of SBOMs enriched with data & tied to running workloads.
- Instantly ingested from CI/CD
- Enriched with vuln findings, SLAs & auto resolution
- Mapped to active workloads
- Prioritization based on what's running *now*
https://t.co/eyVG7gJp0c
Just out: National Cybersecurity Strategy Implementation Plan with an entire pillar for SBOM maturity and implementation.
Read more: https://t.co/lkfCZVUPn7
New FDA cybersecurity regs are catching folks by surprise. Enforcement starts in October 2023.
Learn more about the requirements to submit software bills of materials for Software as a Medical Device (SaMD): https://t.co/dNcVS2i6lF
Breaking down successful vulnerability management programs: examples from Lyft, Elastic & research from Sysdig and Kenna. What's in common? CONTEXT! It's essential for your engineers.
https://t.co/3Z1ILBXEcW
Vulnerability management gone wrong...with huge impact on voting systems in GA.
Prioritize what you patch and make time to do it! https://t.co/8aEnfRQrUV
Despite our responsible disclosure efforts, the flaws remain unpatched in GA. Among the most critical issues is an arbitrary-code-execution vulnerability that can spread malware from a county's central election management system to all BMDs in the jurisdiction—and run it as root.
Security Week on OMB M-22-18: "such guarantees should be provided as a self-attestation form, but agencies may also require a software bill of materials (SBOM) and other artifacts, or may require the vendor to run a vulnerability disclosure program."
https://t.co/fbYc6fIhES