Tim Miller

This was a privilege and @GregorVand was a great host!

🥑+🤖🧠=🔐 We got a super exciting GUAC community meeting coming up this week... which may or may not feature some LLMs!! Come join us and see some cool demos from @ridhoq @sozercan and more! Meeting invite details at guac.sh/community

📢New in MEAP📢 Securing the Software Supply Chain by @mlieberman85 and @lumjjb mng.bz/yZYe #SupplyChainSecurity #SBOM #AppSec Secure your entire software supply chain, including the code you write, the libraries you use, and the platforms you run on.

We wrote a book about supply chain security! Check it out and use code mileberman for a 45% discount!

@lumjjb and I wrote a book on software supply chain security. Check it out! mng.bz/vPxa. Use code mllieberman for 45% off. It goes from threat model to architecture and talks about many of the @owasp, @openssf, @cncf, and @linuxfoundation tools and frameworks.

🥑 GUAC has hit 1k Github stars!!! Exactly since 1 year ago since the project started this time last year!!! Big thank you to our community and supporters! #guacsec/guac&Date" target="_blank" rel="nofollow noopener">star-history.com/#guacsec/guac&…

Kusari's GUACademy is now live! The first video in the series is an introduction to GUAC with other follow on videos that will cover installation to advanced queries. Be sure to subscribe 😉! youtube.com/watch?v=U7jRTZ…

@mihaimaruseac Dr evil with hair plugs

ElMu: Iron Man or Joker?

Welcome to the OpenSSF TAC @mlieberman85!

Only 25 stars left for #guac to hit 1k. If you haven't yet, we'd love the little nudge to 1k. You can bet there will be guac served at the party! 🥳🥑 github.com/guacsec/guac

@allanfriedman @BSidesLV I’ll be there! Love to catch up

I'll be at the Vegas cons in a few weeks, and still have some room in my schedule. I'll be around @bsideslv, DEF CON, and will be swinging by Mandalay for a few meetings. LMK if you want to chat SW supply chains, vulnerability ecosystem, broader cybersecurity policy, or #SBOM

Only 37 spots left in the very exclusive club of people who are among the first 1k stargazers on GUAC. github.com/guacsec/guac

#GUAC community meeting today in 3 hours! Links here: guac.sh/community/

@tuckner @allanfriedman let us know if storing the sboms would be useful in guac - it's something others have brought up as well - github.com/guacsec/guac

@allanfriedman Yes great questions! I think the one left for me to answer is Storage: for internal requirements. So interested in .well-known-esque access to these resources.

A fun question on #SBOM w a bunch of subquestions lurking underneath: - SBOM naming conventions, incl versioning - Storage - for what uses? SW producer vs customer - Tracking the meta-meta-data (e.g. access ctrl) - well-known URI / directories? These seem like solvable

Be sure to join us this Thursday (7/20) at 1 PM EST for the #GUAC community meeting! We are excited to be demoing the work being done on the persistent backend: ArangoDB, ENT, and Neptune! Invite to the community call can be found on the community page: guac.sh/community/

If you haven't checked out GUAC, now's a great time, and we'd love it if you gave us a star while you're there! 1k is right there 👊

“Tim Miller on Storage Management with Guac” 🎧 Listen to the full episode with Tim Miller and DJ Schleen 👉 dabom.show/tim-miller/ @timsaprogrammer @djschleen #sbom #cybersecurity #guac #slsa

The GUAC talk at OSS NA is now public on YouTube: youtu.be/mkZJcIkOF8Q. Give it a watch and let us know what ideas you have for GUAC, how can we help you, etc.

Only 42 stars left until GUAC repo is short 0.1k of 1000 stars. If you haven't seen it already, here's the link: github.com/guacsec/guac

Don’t let the version number fool you, the Graph for Understanding Artifact Composition (aka Guac 🥑) latest release is packed with features! 🤩 If you’re not solving your supply chain security concerns with OSS tools like this, you’re doing it wrong. kusari.dev/blog/guac-beta…