The Kusari Edge

• The White House changes federal cybersecurity requirements with a new Executive Order
• Over a third of sites using the popular monitoring tool Grafana are vulnerable to cross-site scripting attacks
• CISA warns of supply chain attacks via SimpleHelp after a utility billing software company is hit with ransomware

Introducing Kusari Inspector - a new kind of developer security tool that provides real-time code security analysis right in pull requests. Developers get go/no-go feedback and can address vulnerabilities, risky dependencies and licensing concerns before code merges. And, with conversational AI, questions can be asked and findings clarified so security is at the forefront of developer decisions. Start now - install in minutes, free for 30 days.

• More on Kusari Inspector - Read the blog | Watch on YouTube
• Read what The New Stack said about Kusari Inspector: Startup Embeds AI Security Analysis in Dev Workflow
• Looking for a good SBOM generator? Nathan Naveen has some guidance

• June 26 | See us at OpenSSF Community Day in Denver
  • The Open Source SDLC Control Plane: Building the Supply Chain Security Sandwich | Michael Lieberman & Eman Abu Ishgair, Purdue
  • Enhancing Supply Chain Security: Integrating Zarf and GUAC for Seamless SBOM Generation and Delivery | Brandt Keller, Defense Unicorns
    
• July 16 at 10am PT, 1pm ET | Register for our Webinar
  • The New Frontline in DevSecOps: Security at the Pull Request

• GUAC 1.0 is available! Read all about the stable components
• OpenBao, a powerful secrets manager for DevOps, joins the OpenSSF

• Kusari Inspector, of course! Seriously, TRY IT! 😍
  • Instant go/no-go, smart remediation guidance and deep dependency insights to secure every release