Kusari

☕️ Fueled up and ready for Day 2 at KubeCon EU! 🚀 Our booth was hopping yesterday—huge thanks to everyone who stopped by to chat, nerd out on #softwaresupplychain, and grab some #Kusari & #GUAC 🥑swag! 🙌 If you missed us on Day 1, don’t worry—we haven't lost our voices and there’s still plenty of awesome swag (yes, the good stuff 😎) and, you can win great prizes via the Passport to #Security program with us and our friends at Cloudsmith + other amazing partners. ✨ Come say hi, learn what we’re building, and let’s talk: ✅ GitOps without Git ✅ Supply chain defense that actually works ✅ Why software artifacts deserve first-class treatment 📍 Find us at S482 on the show floor—bring on Day 2! #KubeCon #GitOps #SoftwareSupplyChainSecurity #CloudNative #DevOps #DevSecOps #OSS #Cloudsmith #KubeConEU

We've already been told that we have the best plushies in the south expo hall of #KubeCon. Follow us on LinkedIn and you can bring home one of your own.

🎉 It's a wrap for DevSecOnTheRocks! Big cheers to everyone who came out, clinked glasses, and talked all things #security with us last night! 🥂🍻 And thank you to our partners - ControlPlane, Cloudsmith and Spacelift. We had an absolute blast hanging with the best in the #cloudnative community. You all rock! 🤘💻 But the party’s not over... 🎈 🚨 Come by Stand S482 at #KubeCon EU and say hey to the Kusari crew! We’ve got demos, #GUAC swag, plus #softwaresupplychainsecurity hot takes you won’t want to miss. 🔐🧩 Let’s keep the good vibes (and good security) rolling! 🚀 #KubeConEU #DevSecOps #CloudNativeSecurity #SoftwareSupplyChain #OpenSource #CyberSecurity

📚✨ It’s Here! Our Book is Now Available! 🎉🔐 We did a thing — and we're beyond excited to share the release of the new book “Securing the Software Supply Chain” by Michael Lieberman and Brandon Lum. It breaks down the complex world of #softwaresupplychainsecurity into practical, actionable insights. 💡 Whether you're a #security pro, #developer, or just curious about how it all works — this book is for you! 🧩 What you’ll find inside is 11 chapters full of: ✅ Real-world examples of #cybersecurity threats and attacks ✅ Open source tooling (like #GUAC and many others!) ✅ Step-by-step strategies for a secure #software factory ✅ How to build trust into your #softwaresupplychain ✅ Future considerations like an #SDLC control plane and using #AI 🎯 It's the resource we wish we had when starting out — now it's yours. 👉 Read more & grab your copy: https://lnkd.in/gqYjH4Er #DevSecOps #OpenSource #OpenSourceSecurity #DevOps

👋 Hello KubeCon EU! 🎉 We’re officially in #London town and ready for an amazing week of all things #Kubernetes, #cloudnative, and #opensource! ☁️🚀 📢 Come get the party started with us TONIGHT! Join us for good vibes and great convos at our community party! You won’t want to miss hanging with us and our friends from ControlPlane, Cloudsmith, and Spacelift. 📍RSVP here 👉 https://lnkd.in/gDrBd79i 💙🎊 We can’t wait to connect, learn, and celebrate. Let’s make this week unforgettable! See our full schedule: https://lnkd.in/gmRSVwFM #KubeConEU #DevSecOps #DevOps #Cybersecurity #SeeYouThere

🔐🤝 GUAC + Kubescape: New Security Collaboration! 🚀💪 Two powerful #opensource tools are coming together to redefine #softwaresupplychain and #Kubernetes #security. 💥 📌 GUAC (Graph for Understanding Artifact Composition): ➡️ Aggregates software security metadata into a graph database 🥑 Maps relationships & normalizes identities for auditing, risk management, and developer assistance 🔍 Focused on securing the software supply chain, understanding dependencies & composition of software artifacts. 📌 Kubescape: ➡️ Open-source Kubernetes security platform ✳️ Provides risk analysis, compliance, and misconfiguration scanning across IDEs, CI/CD pipelines, and clusters 🔍 Focused on securing Kubernetes environments and identifying potential vulnerabilities. ✨ The Integration: While GUAC and Kubescape have operated separately to protect #software supply chains and Kubernetes environments, the latest announcement changes the game! Now, GUAC v0.14.0 includes a Kubescape Collector to seamlessly ingest Kubescape scan results from within your Kubernetes clusters and enhance the graph database with real-time security insights. 📈🤖 📝 What this means: Better visibility, stronger analysis, and a more comprehensive approach to security! 🔥 👉 Read the blog and attend the #KubeCon session with Jeff Mendoza and Ben Hirschberg to learn more about how you can leverage this integration: https://lnkd.in/gQkC5RUA #GUAC #Kubescape #KubernetesSecurity #SoftwareSupplyChainSecurity #OpenSourceSecurity #OpenSourceTools

You know that feeling when you tackle something you’ve been meaning to learn? Yeah, THAT feeling. 🙌🧠 The maintainers and experts of the Open Source Project Security Baseline are coming together to help you learn all about this new approach and start using it with your #opensource #community! 📍 April 24, 2pm ET #software #security #opensourcesoftware #opensourcesecurity

We're wrapping up our 4-part blog series on getting started securing software supply chains! ✨ We've walked you through: 1️⃣ Producing SBOMs 📜 2️⃣ Comparing SBOMs 📊 3️⃣ Managing Mountains of SBOMs 🧩 And NOW 4️⃣ Managing Your Entire Software Supply Chain! 💥 The Kusari Platform delivers #transparency into your modern workloads. 📈🤖 🔥 Why should you care? Because securing your #softwaresupplychain shouldn’t feel like herding cats. Instead, it should be a well-orchestrated, repeatable process — that ray of sun supporting your journey through the forest — and we’re showing you how. 👉 Onto the final chapter: https://lnkd.in/ghyjQQaK #SoftwareSupplyChainSecurity #SecurityJourney #SBOM #KusariPlatform #KubeCon

Tim CEO and Co-founder at Kusari challenges the common belief that minimal container images automatically mean better security. He explains that while removing unnecessary binaries and shells is a good practice, the real focus should be on validating each component's purpose in the container. Tim emphasizes two key aspects of container security: ensuring transparency (knowing what's inside) and verification (confirming the image is truly minimal). Watch the full interview: https://ku.bz/-2Sqn9Jb9 This interview is a reaction to Harsha's episode https://ku.bz/n_sJ04xMY

🤖🔒 Securing Your AI Models: A Must-Read! 🚀🛡️ AI models are powerful. But are they secure? 🤔💥 In this blog, Tim Miller dives into what it takes to keep your AI models safe, reliable, and resilient. 📌 What's Inside: ✅ Understanding AI security challenges 💪 ✅ Best practices for safeguarding AI models 🧩 ✅ Practical steps you can take today! 🪜 Read the full article and level up your AI security approach. 📖⚙️ 👉 https://lnkd.in/gr7YQF5i #AI #CyberSecurity #MachineLearning #AISecurity #DevSecOps