DEV Community

Ariel for Stacklok

Posted on • Edited on

3

OpenSSF Case Study: Enhancing Open Source Security with Sigstore at Stacklok

Stacklok was founded in 2023 by Craig McLuckie (co-creator of Kubernetes) and Luke Hinds (creator of the OpenSSF project Sigstore), with the goal of helping developers produce and consume open source software more safely.

As malicious attacks on open source software continue to grow in number and become more sophisticated (like the recent XZ Utils incident), governments and organizations are calling for increased security and protection against these attacks. Yet open source maintainers—who are often unpaid volunteers, with other full-time jobs—lack the time to stay up to speed on security best practices, and access to freely available tools that can proactively keep their software secure.

To help open source communities and developers produce and consume open source software more safely, Stacklok is harnessing the power of Sigstore, highlighted in this case study.

Read the rest of the case study here

Image description

Heroku

Build apps, not infrastructure.

Dealing with servers, hardware, and infrastructure can take up your valuable time. Discover the benefits of Heroku, the PaaS of choice for developers since 2007.

Visit Site

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more