Skip to content

Commit

Permalink
adding blog page
Browse files Browse the repository at this point in the history 
Signed-off-by: h4l0gen <[email protected]>
  • Loading branch information
@h4l0gen
h4l0gen committed May 22, 2024
1 parent 7f926c1 commit 3313190
Show file tree
Hide file tree
Showing 2 changed files with 89 additions and 2 deletions.
9 changes: 7 additions & 2 deletions config.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -160,12 +160,17 @@ parent = "community"
url = "https://cloud-native.slack.com/archives/C8NMD3QJ3"
weight = 6

[[menu.main]]
name = "Blogs"
url = "/blogs/"
weight = 4

[[menu.main]]
name = "News"
url = "/news/"
weight = 4
weight = 5

[[menu.main]]
name = "Contact"
url = "/contact/"
weight = 5
weight = 6
82 changes: 82 additions & 0 deletions content/blogs.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
---
title: Blogs
---


> ## Securing RubyGems with TUF, Part 1
>
> In this series of blog posts, I aim to explain the fundamental concepts of TUF and how they apply to RubyGems.
>
> [![ Read more ](https://img.shields.io/badge/Read_more-blue?style=for-the-badge&logoWidth=40)](https://developer.squareup.com/blog/securing-rubygems-with-tuf-part-1/)
---

> ## Securing RubyGems with TUF, Part 2
>
> How The Update Framework (TUF) protects clients from installing maliciously modified gems. In this post, we extend that system to allow developers to update their own gems.
>
> [![ Read more ](https://img.shields.io/badge/Read_more-blue?style=for-the-badge&logoWidth=40)](https://developer.squareup.com/blog/securing-rubygems-with-tuf-part-2/)
---

> ## Securing RubyGems with TUF, Part 3
>
> How The Update Framework (TUF) enables developers to securely sign for their code, protecting clients from installing maliciously modified gems.
>
> [![ Read more ](https://img.shields.io/badge/Read_more-blue?style=for-the-badge&logoWidth=40)](https://developer.squareup.com/blog/securing-rubygems-with-tuf-part-3/)
---

> ## How TUF can secure software systems from update vulnerabilities
>
> Over the past couple years, The Update Framework (TUF) has grown into a de facto standard to secure software system updates for many kinds of applications.
>
> [![ Read more ](https://img.shields.io/badge/Read_more-blue?style=for-the-badge&logoWidth=40)](https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/How-TUF-can-secure-software-systems-from-update-vulnerabilities)
---

> ## How we securely autoupdate Osquery at Kolide
>
> How We Securely Autoupdate Osquery at Kolide using The Update Framework(TUF).
>
> [![ Read more ](https://img.shields.io/badge/Read_more-blue?style=for-the-badge&logoWidth=40)](https://blog.kolide.com/how-we-securely-autoupdate-osquery-at-kolide-b0eda6ad05f6)
---

> ## CNCF Graduates TUF Project to Secure Software Updates
>
> The Update Framework (TUF) is made up of a set of libraries, file formats and utilities that can authenticate files and images before they are downloaded from a software repository.
>
> [![ Read more ](https://img.shields.io/badge/Read_more-blue?style=for-the-badge&logoWidth=40)](https://devops.com/cncf-graduates-tuf-project-to-secure-software-updates/)
---

> ## Exploring Docker Security – Part 3: Docker Content Trust
>
> Obtaining Docker images from private or public Docker Registries is affected by the same issues as every software update system: It must be ensured that a client can always verify the publisher of the content and got latest version of the image.
>
> [![ Read more ](https://img.shields.io/badge/Read_more-blue?style=for-the-badge&logoWidth=40)](https://blog.mi.hdm-stuttgart.de/index.php/2016/09/13/exploring-docker-security-part-3-docker-content-trust/)
---

> ## Fuchsia Friday: Amber keeps Fuchsia up to date and secure
>
> Newest additions to Fuchsia is The Update Framework “with the ambition of updating all components running on a Fuchsia system” including basic things like apps all the way down to the Zircon kernel and the bootloader.
>
> [![ Read more ](https://img.shields.io/badge/Read_more-blue?style=for-the-badge&logoWidth=40)](https://9to5google.com/2018/03/09/fuchsia-friday-amber-keeps-fuchsia-up-to-date-and-secure/)
---

> ## Secure Software Updates via TUF — Part 1
>
> Software is all around us and we see them getting regularly updated. How secure are these updates? What are the reasons for securing them? How do they (secure updates) work under the hood?
>
> [![ Read more ](https://img.shields.io/badge/Read_more-blue?style=for-the-badge&logoWidth=40)](https://medium.com/@mulgundmath/secure-software-updates-via-tuf-part-1-f9bbb34bcbbc)
---

> ## Secure Software Updates via TUF — Part 2
>
> TUF secures the software update delivery system using mechanisms such as roles, their signatures (PKI), threshold number of signatures, file hashes, and file size.
>
> [![ Read more ](https://img.shields.io/badge/Read_more-blue?style=for-the-badge&logoWidth=40)](https://medium.com/@mulgundmath/secure-software-updates-via-tuf-part-2-412c6a2b10ab)

0 comments on commit 3313190

Please sign in to comment.