Stacklok
United States
Joined Oct 24, 2023
Stacklok is a software supply chain security startup founded by the co-creator of Kubernetes and the creator of the open source security project sigstore. Our open source platform, Minder, helps you harden your code repos, CI/CD pipelines, and build artifacts to prevent supply chain threats and attacks. Subscribe to our channel to catch our live streams and video demos of Minder's latest features.
Manage GitHub repository security at scale with Stacklok Cloud
Watch how Stacklok Cloud's policy engine helps you apply and continuously enforce GitHub Advanced Security features across your entire organization. Learn more → stacklok.com/solutions-source-code-repository-security
GitHub offers many security features like Dependabot, secret scanning, and branch protection rules. But these features need to be enabled in every one of your repos, and your developers also need to know they exist in the first place!
Stacklok Cloud’s automated, policy-based approach helps you manage all your repos with consistent security settings at any scale.
Contents:
0:00 - Introduction
0:16 - Profiles, rules, and alerts
1:14 - Automatic remediation
1:57 - Event history
2:07 - Conclusion
#Stacklok #GitHub #SoftwareSupplyChain
--------
Subscribe → youtube.com/@Stacklok?sub_confirmation=1
Stacklok: move fast and secure things. Stacklok brings developers and security teams together to eliminate risk before code is merged.
Learn more → stacklok.com
Get started with Stacklok Cloud, free for public repos → cloud.stacklok.com
Get in touch!
Discord → discord.gg/stacklok
GitHub → github.com/stacklok
LinkedIn → www.linkedin.com/company/stacklok/
Bluesky → bsky.app/profile/stacklok.com
X (Twitter) → stacklokhq
Views: 50
Videos
CodeGate - local, open source privacy controls for AI-enabled developers
CodeGate is a local proxy that sits between your AI coding assistant and large language model. It automatically encrypts secrets in your prompts to protect your privacy, and it augments the model's knowledge base with up-to-date risk insight to protect your code. Learn more → codegate.ai 0:00 - Introduction 0:55 - Why run local? 1:43 - Run CodeGate 2:19 - Install the certificate 3:22 - Configur...
Automating dependency security checks with Stacklok Cloud
Learn how Stacklok Cloud integrates superior risk intelligence about open source packages into existing development workflows, so you can make safer dependency choices before code is merged. Learn more → stacklok.com/solutions-open-source-dependency-security Most of the software you’re developing involves multiple dependencies - dozens or even hundreds of open source packages. But when dependen...
Beyond the CVE: open source risk intelligence from Stacklok
When it comes to open source dependencies, checking for known vulnerabilities is just the beginning. Stacklok brings superior intelligence to help you evaluate risk and make safer dependency choices based on more than just CVEs. Learn more → stacklok.com/solutions-open-source-dependency-security Choosing the right dependencies for your project means evaluating risk. Of course, you should consid...
Demo: Automating GitHub Repo Configuration and Security with Minder
If you're like many project owners or maintainers, your software project might span tens or hundreds of GitHub repos, and your repo configuration may be wildly variable. How do you make sure that your repos always have a standard configuration in place, like a code of conduct, a security.md file, a license file, secret scanning, and Dependabot? It's a lot to remember and to continuously monitor...
Minder Demo: Blocking Pull Requests with Malicious or Deprecated Packages
Demo: Minder, a software supply chain security platform from Stacklok
What the XZ vulnerability can teach us about open source security and sustainability
Demo: How Trusty processes and analyzes large-scale data about open source packages
How to automatically pin GitHub Actions to commit SHAs for security hardening
Trusty demo: Evaluate open source software for supply chain risk
That is something that never came to my mind.. genius.
Great content