Latest Blog Posts

GUAC v0.1 Beta Release
Kusari is excited to announce the v0.1 beta release of GUAC — Graph for Understanding Artifact Composition.
Read More
Kusari Open-Sources Spector
With the recent release of SLSA v1.0, we’re excited to announce the open-sourcing of Spector, a brand-new tool and library designed to generate, validate, and verify supply chain metadata documents.
Read More
Figure Out Who's Lurking in Your Supply Chain With Signatures and Attestations
A Story of Software and Cats This cat’s wearing a bowtie and looks trustworthy but
Read More
Applying Zero Trust to the Software Supply Chain
In the previous article, we went over a high-level overview of what software supply chain security is and how it can be solved.
Read More
Kusari's Software Supply Chain Security Overview
So there’s Network Security, Application Security, Hardware Security, End Point Security, and a bunch of other categories of security.
Read More
The Next Heartbleed?
Heartbleed (CVE-2014-0160) in 2014 left the industry in a scramble to patch one of the most prominently used open-source projects in the ecosystem today, OpenSSL.
Read More