Stay up to date on our latest news.
GUAC blog
Open source supply chain observability tool standardizes on PostgreSQL
Kusari blog
Gone are the days when signing containers and running vulnerability scans through CI processes provided a sense of security.
The recent incident involving the XZ backdoor brings to light the critical importance of vigilance and proactive security measures, while not losing sight of the human element.
Today, we find ourselves in a moment akin to proud parents, as we witness a significant milestone in the journey of Graph for Understanding Artifact Composition (GUAC).
The GUAC maintainers are pleased to announce the project has joined the Open Source Security Foundation (OpenSSF) as an Incubating Project.
Nathan Naveen, a 17-year-old high schooler, shares his journey to becoming an intern at Kusari
Kusari speaking at FOSDEM and other EU community venues
Kusari raises seed funding
Kusari elected to OpenSSF leadership roles
The missing first step that most organizations are still struggling with
GUAC's OpenVEX Integration
CVE-2023-38545 - HIGH Severity Vulnerability
Kusari have just launched a YouTube Channel!
A look into Guidewire's software supply chain security use case and why they are using GUAC
Helm Chart for GUAC
Tim appeared as a guest on the daBOM podcast.
Working towards determining a persistent database for GUAC
Kusari is excited to announce the v0.1 beta release of GUAC — Graph for Understanding Artifact Composition.
We’re excited to announce the open-sourcing of Spector.
A Story of Software and Cats
Understanding Zero Trust and Its Benefits
What is Software Supply Chain security, and why should I care?
Heartbleed (CVE-2014-0160) in 2014 left the industry in a scramble...
KubeCon + CloudNativeCon is right around the corner and we are excited to be attending in person!
Understanding and maintaining your software supply chain can be a task that needs 24/7 vigilance.
Executive Order (EO) 14028, Improving the Nation’s Cybersecurity was released last year in May.
There’s a misconception in Cybersecurity among some that Software Supply Chain Security is just Third Party Risk Mana...
Overview of the SPIFFE/SPIRE tool
Takeaways & Learnings