Sigstore Archives - Open Source Security Foundation

Nov 21

Sigstore: Simplifying Code Signing for Open Source Ecosystems

By OpenSSF Blog, Sigstore

This month’s spotlight focuses on the Sigstore project. Digital signatures play a critical role in the software supply chain, by providing verifiable attributes of authentication, integrity, and non-repudiation of artifacts…

Mar 30

Love0

Clarifying Sigstore Terms of Use

By OpenSSF Blog, Sigstore

The primary activity for The Linux Foundation projects is open collaboration on technical challenges that deliver tangible improvements for developers, companies, industries, and society at large. The focus we’ve always…

Oct 25

Love0

Sigstore Announces General Availability at SigstoreCon

By OpenSSF Blog, Press Release, Sigstore

Today at SigstoreCon, the Sigstore community announced the general availability of its free software signing service giving open source communities access to production-grade stable services for artifact signing and verification.…

Sep 27

Love0

First-Ever SigstoreCon at KubeCon + CloudNativeCon North America 2022

By OpenSSF Blog, Sigstore

This year SigstoreCon will be hosted for the first time! The one-day event will take place on October 25, in Detroit Michigan, in co-location with KubeCon + CloudNativeCon North America.…

Jul 18

Love0

Security Audit Results for sigstore and slf4j

Results of Sigstore and slf4j Security Audits Including 1 High Risk Vulnerability Found and Fixed

By OpenSSF Blog, Sigstore

We’re excited to report the results of two security audits, one for Sigstore and one for slf4j. The goal of security audits is to find vulnerabilities so they can be…

Jun 22

Love0

Securing Your Software Supply Chain with Sigstore Course

Free Training Course Teaches How to Secure a Software Supply Chain with Sigstore

By David Wheeler Blog, Sigstore

To make it easier to use Sigstore’s toolkit to its full potential, OpenSSF and Linux Foundation Training & Certification released a free online training course, Securing Your Software Supply Chain…

Sigstore

Sigstore: Simplifying Code Signing for Open Source Ecosystems

Clarifying Sigstore Terms of Use

Sigstore Announces General Availability at SigstoreCon

First-Ever SigstoreCon at KubeCon + CloudNativeCon North America 2022

Results of Sigstore and slf4j Security Audits Including 1 High Risk Vulnerability Found and Fixed

Free Training Course Teaches How to Secure a Software Supply Chain with Sigstore

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox.

Sigstore

Sigstore: Simplifying Code Signing for Open Source Ecosystems

Clarifying Sigstore Terms of Use

Sigstore Announces General Availability at SigstoreCon

First-Ever SigstoreCon at KubeCon + CloudNativeCon North America 2022

Results of Sigstore and slf4j Security Audits Including 1 High Risk Vulnerability Found and Fixed

Free Training Course Teaches How to Secure a Software Supply Chain with Sigstore￼

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Mailing List!

Get the latest announcements, event info, and the community news in your inbox.

Free Training Course Teaches How to Secure a Software Supply Chain with Sigstore