Parth Patel

149 posts

Parth Patel

@pxp928

Kusari - Software Supply Chain Security

Katılım Kasım 2021

120 Takip Edilen113 Takipçiler

Parth Patel retweetledi

Brandon Lum@lumjjb·15 Kas

It's so awesome hearing about the multiple shoutouts to 🥑GUAC during the @KubeCon_ keynotes!!! Really wished I could be there in person! Appreciate the call outs and looking forward to engaging with new community members! See you in slack! guac.sh/community/

English

191

Parth Patel retweetledi

Mihai Maruseac@mihaimaruseac·22 Eki

GUAC, SLSA and Sigstore mentioned several times at first keynote of #sossfusion (and other similar high quality projects)

English

272

Parth Patel retweetledi

TradeTalks@TradeTalks·3 Eki

.@PRODAFT @WinstonLaw & J2 Ventures join @JillMalandrino on @Nasdaq #TradeTalks to discuss comprehensive solutions for cyber teams to play offense and defensive and how privacy and security regulation is advancing. #CybersecurityAwarenessMonth x.com/i/broadcasts/1…

English

779

Parth Patel retweetledi

Brandon Lum@lumjjb·16 Eyl

Hi All! I’ll be talking about SBOMs and how Google produces and uses them for EO 14028 and beyond at this webinar tomorrow! Hope to see you there!

Anchore@anchore

📝 SBOMs are critical for a handful of reasons: #visibility into dependencies, enhance #security, meet #compliance and streamline development. Learn how Google is using our Syft #SBOM #opensource #SBOM tool in our upcoming webinar. get.anchore.com/how-sboms-prot…

English

593

Parth Patel retweetledi

Michael Lieberman@mlieberman85·3 Haz

I know everyone wants to work on the cool thing or save/make a ton of money by throwing AI at a problem but it's extraordinarily dangerous. How many folks are verifying that the provenance and that the code/training data isn't malicious or vulnerable?

Mihai Maruseac@mihaimaruseac

Model storage under attack (techcrunch.com/2024/05/31/hug…). Models are uninspectable, so the only solution to prevent tampering is to sign them. OpenSSF has a model signing SIG as part of the AI/ML WG. Both biweekly meetings are in the OpenSSF calendar. Also, github.com/sigstore/model…

English

406

Parth Patel retweetledi

Brandon Lum@lumjjb·23 May

Mark your calendars! Join us for our first ever GUAC @openssf tech talk on June 6th! openssf.org/blog/2024/05/1…

English

105

Parth Patel retweetledi

Brandon Lum@lumjjb·8 May

Awesome piece on supply chain security! Shout out to sigstore and GUAC!!!

OpenSSF@openssf

🔒 The vast majority of the world's software runs on open source code. Read this article by @Gizmodo to discover how OpenSSF's initiatives, such as Sigstore and GUAC, are shaping a more secure open source software ecosystem. gizmodo.com/open-source-cy… #OSSSecurity

English

397

Parth Patel retweetledi

Mihai Maruseac@mihaimaruseac·1 May

We are happy to publish a whitepaper on how we're thinking on securing the AI supply chain both internally and for OSS. This is a culmination of nearly a year of thinking about this space, from people working on AI or security, across multiple Google PAs. research.google/pubs/securing-…

Mihai Maruseac@mihaimaruseac

Since all model serialization formats are vulnerable, it is better to sign models on training (or upload) and verify signatures before use. Much better to also record the entire supply chain provenance. Will have more on this, soon

English

2.2K

Parth Patel retweetledi

Brandon Lum@lumjjb·7 Mar

🎉🥑🍅🧅I'm really excited as GUAC joins the OpenSSF community, allowing the project to continue to grow, and join forces with other partners and members in the OpenSSF in developing an open source knowledge graph! Looking forward to this next step in our journey!

OpenSSF@openssf

GUAC has joined the OpenSSF as an Incubating Project 🎉 GUAC is an open source supply chain security project that provides dependency management and actionable insights into the security of software supply chains. Read the announcement: openssf.org/blog/2024/03/0… #OSSSecurity

English

438

Parth Patel retweetledi

OpenSSF@openssf·7 Mar

English

2.3K

Parth Patel retweetledi

Manning Publications@ManningBooks·9 Şub

📣Deal of the Day📣 Feb 8 SAVE 45% on Securing the Software Supply Chain & selected titles: mng.bz/WrEx @mlieberman85 @lumjjb #SupplyChainSecurity Secure your entire #softwaresupplychain, including the code you write, libraries you use & the platforms you run on.

English

931

Parth Patel@pxp928·19 Oca

@interlynksp @kusaridev @mlieberman85 Thanks @interlynksp !

English

Surendra@interlynksp·19 Oca

Congratulations to our friends @kusaridev for the $8M seed round! @mlieberman85 @pxp928 - you are truly bringing a special GUAC to the party

English

300

Parth Patel retweetledi

Wei Lien Dang@weiliendang·18 Oca

Congratulations to @timsaprogrammer, @mlieberman85, @pxp928 & the @Kusari team on your seed round! It's been a privilege to work with you since the earliest days of your journey to tackle one of the biggest challenges in security today. unusual.vc/post/kusari-se…

English

1.2K

Parth Patel retweetledi

Software Engineering Daily@software_daily·6 Ara

Software Supply Chain Security with Michael Lieberman Michael Lieberman is the Co-Founder and CTO of Kusari and has an extensive background in software security. Michael joins the show today to talk about challenges and strategies in software supply chain security. softwareengineeringdaily.com/2023/12/06/sof… @mlieberman85 @kusaridev

English

1.9K

Parth Patel retweetledi

Michael Lieberman@mlieberman85·30 Kas

I’m out in Tokyo for talks at @openssf day and @linuxfoundation open source summit Japan. For folks who want to chat cybersecurity and GUAC hit me up.

English

252

Parth Patel retweetledi

Manning Publications@ManningBooks·18 Kas

📣Deal of the Day📣 Nov 18 Securing the Software Supply Chain & selected titles are 45% OFF: mng.bz/WrEx @mlieberman85 @lumjjb Secure your entire #softwaresupplychain, including the code you write, the libraries you use, and the platforms you run on. #SBOM #AppSec

English

3.2K

Parth Patel retweetledi

Abhishek Arya@infernosec·20 Eki

Excited to see GUAC landing as an @openssf incubating project, with the set of initial contributors - @Citi @kusaridev @torresariass(Purdue) @Google and quotes from some early adopters - @RedHat @Yahoo ClearAlpha @Guidewire_PandC github.com/ossf/tac/blob/…

English

1.3K

Parth Patel retweetledi

Brandon Lum@lumjjb·16 Eki

Increase your mental health on CVE drop days (I.e. recent curl vuln) by being prepared! Go in knowing your blast radius and prepared to patch and mitigate! In this blogpost @pxp928 , @mihaimaruseac and I use GUAC to do this for last week’s CURL CVE. kusari.dev/blog/terror-of…

English

834

Parth Patel retweetledi

Brandon Lum@lumjjb·23 Eyl

For those that didn't catch the LLM's response to "where's the vulns?", catch the recording up now! youtube.com/watch?v=gKpt0i…