Goodbye SDLC, Hello SSDF! What is the Secure Software Development Framework?

This is the first article in a five-part series on the recently published NIST 800-218 ‘The Secure Software Development Framework (SSDF): Recommendations for Mitigating the Risk of Software Vulnerabilities’. Although the software development lifecycle (SDLC) has been around for a while, few SDLC models explicitly address software security in detail.…

Chainguard's Josh Dolitsky elected to OCI's Technical Oversight Board

Today, we're thrilled to congratulate Chainguard’s Josh Dolitsky for winning a seat on the Technical Oversight Board during the recent election. The TOB is tasked with building consensus and collaboration across the OCI projects and Working Groups, and Josh's experience as a long-time contributor to the distribution-spec, conformance program,…

WTF is Chainguard?

Chainguard is a 3-month-old startup in the software supply chain security industry. The mission of Chainguard is to make the software lifecycle secure by default. Sounds kinda vague. Do you have a product? No. Not yet. We have some exciting ideas though, and are working on them right now!…