Olivia
Online
Yolanda Robla
@yrobla
Joined October 2012
184 Following
132 Followers
2.1K Posts
The private beta sign up link. We are accepting folks in rounds, so worth signing up early:
https://t.co/Jmd2coCCdY
We (@StackLokHQ) have released details of our Proof-of-Diligence algorithm and Graph. Very curious to see what others make of this. We have a private beta starting next week where we expose the API/UI for others try: https://t.co/zazECYu4qw
Busy day at @StackLokHQ , we also released Minder Cloud today. Craft custom policies for remediation at scale. The GitHub provider implementation is in place with a UI to compliment the CLI. https://t.co/Az8gq3qYad
Get ready, Open Source Summit North America attendees! Don't miss Craig McLuckie's keynote speech on the 17th at 10:20 AM PST! See details and add it to your schedule here: https://t.co/fJovXjziA7
#SoftwareSupplyChain #OpenSourceSecurity #Sigstore #OpenSource #DeveloperCommunity
2,791 packages published by a single user within 72 hours, all sharing the same 132 external dependencies, while depending on each other. I am curious where this all ends up.
Love what I am seeing from the @trustypkg team. Real-time tracking of package feeds, with increasingly rich checks that identify and initiate removal of malicious material from community repos. What started as an intelligence engine is becoming a service for public good.
⚠️ Malicious Package Detected ⚠️ 📷: Contains obfuscated code calling suspicious URL's. Appears to be typo attacking bugsnag-js: https://t.co/t2I3s3uFXH
It is a pleasure to drive this challenging project at @StackLokHQ , working with an amazing team, where everyone is making an impact.
Trusty ingests and analyzes data on thousands of open source packages to calculate supply chain risk scores. We started with a monolithic architecture, processing package data in sequence based on a state manager—but hit challenges as Trusty expanded.
Staff Engineer @yrobla recently led our migration to an event-driven, microservices-based architecture, and explains the outcomes (and challenges) of moving to an @awscloud SNS + SQS stack for large-scale data processing. Trusty now hooks in to the open source Feeds project from @openssf for package updates. https://t.co/RqsoO6Chp6
Trusty ingests and analyzes data on thousands of open source packages to calculate supply chain risk scores. We started with a monolithic architecture, processing package data in sequence based on a state manager—but hit challenges as Trusty expanded.
Staff Engineer @yrobla recently led our migration to an event-driven, microservices-based architecture, and explains the outcomes (and challenges) of moving to an @awscloud SNS + SQS stack for large-scale data processing. Trusty now hooks in to the open source Feeds project from @openssf for package updates. https://t.co/RqsoO6Chp6
Dataset poisoning is a security concern for AI/ML models. Both major SBOM formats can specify the datasets used to train AI/ML models—but they can't yet point to a dataset revision in the case of a breach. @puerco explains: https://t.co/wD409PCQ2T #aisecurity
Interesting to see https://t.co/luSP6DojDt launched by the
@letsencrypt, we will evaluate using sunlight in
@projectsigstore rekor.
We launched 🚀 our @StackLokHQ OSS Discord server where you can chat with the team about @projectsigstore, Minder (OSS Platform that helps open source communities build more secure software), and securing the software supply chain.
Join us! 📣 https://t.co/3MshO67glW
New blog post: Writing Minder rule types using Open Policy Agent and Rego
https://t.co/BiZTlT5f0M
@OpenPolicyAgent @StackLokHQ
Love discovering malicious open source packages or researching new novel software supply chain attacks in the wild?
We have an opening for a Senior Security Analyst at @StackLokHQ:
https://t.co/rxdYckeMqS
Have some spare time? Why not give minder a quick spin?
See How Stacklok Uses Minder Internally to Build More Secure Software:
https://t.co/VtTc32Sppf
https://t.co/SLFD9s8KZZ
Minder was open sourced today. It's an open source platform that helps #OSS communities build more secure software. https://t.co/bQxmrJAgJm We would love your feedback
We’re excited to announce the launch of Minder and Trusty, two free-to-use tools that build on the power of @projectsigstore to help developers and #opensource communities keep their software safe. Read more on our blog: https://t.co/XPz2ez1sey
Last Seen Users on Sotwe
Lyla
Seen from United Kingdom
Ceylan&murt çiftiz tek erk ilgi alanimz
Seen from Turkey
Türk Milf Porno - Türk Milf Sex İzle
Seen from Netherlands
خول نسوان ورقاصات
Seen from Egypt
سناء
Seen from Germany
👑IMPERIU DOS VAZADOS🔥
Seen from Jordan
adeline
Seen from Singapore
爱吃蟹黄堡
Seen from United States
ghghgh
Seen from France
前川喜平(右傾化を深く憂慮する一市民)
Seen from Japan
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers