The Kusari Edge

November

2025

ICYMI: Noteworthy Headlines 🗞️

The introduction of SLSA 1.2 brings clearer requirements and improved attestation guidance, helping teams adopt stronger, more consistent software supply chain protections
The recent compromise of the Xubuntu torrent website highlights how vulnerable open-source distribution channels can be
A recent discussion on AI coding argues that automation alone doesn’t help teams ship software faster, echoing points we made recently in our blog
New reporting on the updated OWASP Top Ten shows how broken access controls continue to surge, which we’ll explore in our upcoming webinar
Experts now warn that healthcare cybersecurity lapses have become direct clinical safety issues rather than just IT problems

Get a sneak peek of Kusari Inspector with the Pull Request Scanner; log into GitHub, drop in a PR, and see what Kusari uncovers in your code
In case you missed it, Kusari now integrates seamlessly with GitLab workflows to bring supply chain checks directly into your existing pipelines
Our Learning Center just got a major glow-up, making it easier to explore and understand the key terms and elements of software supply chain security
Together, Kusari and Cloudsmith secure the build and the distribution; learn about our partnership and watch the replay of our recent webinar
Curious about Kusari's founders and what drives us? Read our backstory and watch the replay of our session from KubeCon

Finding it hard to keep track of equivalent commands across package management systems? Check out this handy table from https://ecosyste.ms