#Cedar - an #opensource authorisation policy language and SDK - has officially joined the Cloud Native Computing Foundation (#CNCF) as a Sandbox project!

It aims to provide a vendor-neutral standard for defining and enforcing fine-grained permissions in modern applications.

Details here 👉 https://bit.ly/3LMktJP

#DevOps #PolicyAsCode #SoftwareSecurity #Governance #InfoQ

Introducing the open-source project Endpoint State Policy (ESP), a "Policy as Code" solution that helps manage and enforce endpoint policies automatically.

#opensource #policyascode #DevOps #security #mãnguồnmở #bảomật

https://www.reddit.com/r/opensource/comments/1q005zf/endpoint_state_policy_esp_policy_as_code/

🚀 NEW on We ❤️ Open Source 🚀

Electric sheep need defenders. 🐑🔐 Brett Smith explores how SLSA helps secure the software supply chain, translating EO 14028 into a roadmap for resilient pipelines.

Read the article: https://allthingsopen.org/articles/supply-chain-robots-slsa-security

#WeLoveOpenSource #SLSA #FOSS #Cybersecurity #DevSecOps #PolicyAsCode

Zero CVEs ≠ Zero Risk.

Misconfigurations & leaked secrets can take down an image faster than any exploit.

Anchore helps teams catch both.

By @JoshSopuru → https://anchore.com/blog/beyond-the-cve-deep-container-analysis-with-anchore/

#SBOM #ContainerSecurity #PolicyAsCode #SoftwareSupplyChain

Policy failure—not zero-days—is the real weak link.

Anchore enforces what "secure" means before bad configs & secrets ever ship.

Read @JoshSopuru's Beyond the CVE: https://anchore.com/blog/beyond-the-cve-deep-container-analysis-with-anchore/

#SBOM #ContainerSecurity #PolicyAsCode #SoftwareSupplyChain

Relying on CVE scans alone is like putting a padlock on a vault with the back door open.

Anchore goes beyond the CVE to secure configs, secrets & policies.

By @JoshSopuru 👉 https://anchore.com/blog/beyond-the-cve-deep-container-analysis-with-anchore/

#SBOM #ContainerSecurity #PolicyAsCode #SoftwareSupplyChain

Policy-as-code makes governance reproducible & automatable. Enforce image signing, vulnerability scanning, & validate resource quotas starting small & scaling with warnings & blocks #PolicyAsCode #Governance
Guardrails guide behavior, gates stop unsafe actions. Use guardrails for daily autonomy & gates for production-critical ops #Guardrails #PolicyAsCode

🚨 Security doesn't start in prod — it starts at terraform plan.

With Policy as Code tools like #OPA, #Checkov, Snyk, and #Sentinel by HashiCorp, you can catch misconfigs before they deploy. 🛡️

🎥 https://youtube.com/shorts/C-2OJMFVz8c

#Terraform #HashiCorp #DevSecOps #PolicyAsCode


Nicholaos Mouzourakis at Gusto has been a long-time contributor to #OPA, and has written some of the best blogs on #Rego we've read. Turns out he is just as great talking about it on video! Just published on YouTube, "Super-Scaling Open Policy Agent with Batch Queries" is a deep-dive into an advanced OPA topic, explained well enough to be interesting to most. Hosted by the ever excellent Bart Farrell. Recommended!

https://www.youtube.com/watch?v=b6aTh2Qn4tA

#CloudNative #CNCF #DevOps #DevSevOps #PolicyAsCode

Super-Scaling Open Policy Agent with Batch Queries, with Nicholaos Mouzourakis | KubeFM
