Stacklok Resources

Browse our latest blog posts, view videos from our team, and more.

Unlocking secure software distribution with Minder and GitHub Artifact Attestations

Jakub Hrozek / Adolfo "Puerco" García Veytia / Radoslav Dimitrov / 7 mins read / May 3, 2024

We’re excited to announce support in Minder for GitHub’s new Artifact Attestations feature, now in public beta. Artifact Attestations enables developers to easily publish attestations signed with the open source project sigstore.


Driving safe and sustainable open source consumption with two new Stacklok capabilities

Craig McLuckie / 6 mins read / Apr 17, 2024

Stacklok is announcing the launch of two new capabilities to help detect and prevent supply chain attacks that build on tools like sigstore. Over time, we believe these capabilities will help mitigate newly emerging techniques that are threatening the health of open source ecosystems.


Announcing the Proof-of-Diligence (PoD) algorithm: A method of modeling trust and maintainability in open source ecosystems

Luke Hinds / Pankaj Telang / 15 mins read / Apr 17, 2024

The OSS Trust Graph is an implementation of the Proof-of-Diligence algorithm created at Stacklok. Proof-of-Diligence (PoD) provides a robust mechanism to model trust, quality and maintainability in open source ecosystems. This blog post provides details on the reasoning behind the algorithm, how it is implemented, and how it can be used.


Securing our security platform: Findings from Minder's independent security audit

Stacklok / Jul 12, 2024

DestroyLoneliness: npm starjacking attack on Roblox Node.js library delivers QuasarRAT

Poppaea McDermott / Jul 11, 2024

Introducing the Frizbee GitHub Action to automate pinning actions and container images to digests

Radoslav Dimitrov / Luke Hinds / Jun 20, 2024

Python typosquatting attack targets popular open source PyPI library with 30M weekly downloads

Luis Juncal / Luke Hinds / Jun 6, 2024

All I really need to know I learned from co-founding Kubernetes

Craig McLuckie / Jun 6, 2024

This Month in Minder: May 2024

Stacklok / May 31, 2024

Blocking unsafe open source dependencies in pull requests with Minder and OSV.dev

Yolanda Robla / Adolfo "Puerco" García Veytia / May 29, 2024

3 key takeaways from PyCon US 2024

Luis Juncal / Yolanda Robla / May 28, 2024

Tutorial: Using Minder to automate management of source code repository configuration and security

Stacklok / May 23, 2024