KubeCon 2022: GitLab announces new Security and Governance updates, Slim.AI launches Container Intelligence, Sigstore announces free software signing service, and more


More exciting new releases and product updates were announced today as KubeCon 2022 continues.

GitLab announces new Security and Governance updates

GitLab today announced new enhancements to its Security and Governance solution, which aims to help organizations integrate security and compliance into every step of the software development lifecycle as well as secure their software supply chain.

According to the company, these enhancements are intended to provide visibility and management over security findings and compliance requirements, as well as deliver an improved software supply chain security experience.

Among these enhancements are the ability to ingest software bill of materials reports and build artifact signing. Additionally, users will be better equipped to proactively identify vulnerabilities and satisfy compliance and regulatory standards.

Slim.AI launches Container Intelligence

The cloud-native optimization and security company Slim.AI launched Container Intelligence to allow users to gain insights into what’s in the most popular container images that they’re baking into their software every day.

Container Intelligence scans over 160 popular public container images, making up 30% of total global pull volume, using a combination of both open-source and proprietary scanning tools.

With this release, users gain access to publicly available container profile pages on the Slim.AI website; vulnerability counts by severity, container construction details, and package information; fully searchable and categorized containers; and the most up-to-date data.

Sigstore announces free software signing service

Sigstore today announced the general availability of its free software signing service. This release is intended to provide open source communities access to production-grade stable services for artifact signing and verification.

According to Sigstore, the company’s goal is to provide a set of tools designed to improve supply chain security by simplifying the process of signing, verifying, and checking the software developers are building and consuming.

Sigstore stated that it will operate the service with a 99.5% uptime SLO and round-the-clock pager support. Project sponsors Google, Red Hat, GitHub, and Chainguard have helped make this possible by providing the resources that are essential to service level objectives.

JFrog’s Pyrsia initiative incubating under CD Foundation

The liquid software company JFrog has announced that Pyrsia, an open-source software community initiative that uses blockchain technology to secure software packages, is now an incubating project under the Continuous Delivery Foundation.

“We’re excited to join our long-time partners at the CD Foundation in creating a groundswell around Pyrsia to further its mission to better secure the software supply chain,” said Stephen Chin, VP of developer relations at JFrog and governing board member for the CD Foundation. “With the CD Foundation’s support, and that of our incredible industry partners, developers can leverage Pyrsia to have peace-of-mind in knowing their open source components haven’t been compromised, and confidently deliver secure software at scale.”

With this incubation, JFrog and the CD Foundation intend to grow Pyrsia’s backing and engagement through a centralized governance model as well as a defined roadmap, and representation across the wider technology and open-source communities.

