🚀 NEW on We ❤️ Open Source 🚀

Electric sheep need defenders. 🐑🔐 Brett Smith explores how SLSA helps secure the software supply chain, translating EO 14028 into a roadmap for resilient pipelines.

Read the article: https://allthingsopen.org/articles/supply-chain-robots-slsa-security

#WeLoveOpenSource #SLSA #FOSS #Cybersecurity #DevSecOps #PolicyAsCode

Zero CVEs ≠ Zero Risk.

Misconfigurations & leaked secrets can take down an image faster than any exploit.

Anchore helps teams catch both.

By @JoshSopuru → https://anchore.com/blog/beyond-the-cve-deep-container-analysis-with-anchore/

#SBOM #ContainerSecurity #PolicyAsCode #SoftwareSupplyChain

Policy failure—not zero-days—is the real weak link.

Anchore enforces what "secure" means before bad configs & secrets ever ship.

Read @JoshSopuru's Beyond the CVE: https://anchore.com/blog/beyond-the-cve-deep-container-analysis-with-anchore/

#SBOM #ContainerSecurity #PolicyAsCode #SoftwareSupplyChain

Relying on CVE scans alone is like putting a padlock on a vault with the back door open.

Anchore goes beyond the CVE to secure configs, secrets & policies.

By @JoshSopuru 👉 https://anchore.com/blog/beyond-the-cve-deep-container-analysis-with-anchore/

#SBOM #ContainerSecurity #PolicyAsCode #SoftwareSupplyChain

Policy-as-code makes governance reproducible & automatable. Enforce image signing & vulnerability scanning, & validate resource quotas, starting small & scaling with warnings & blocks #PolicyAsCode #Governance

Guardrails guide behavior, gates stop unsafe actions. Use guardrails for daily autonomy & gates for production-critical ops #Guardrails #PolicyAsCode

🚨 Security doesn't start in prod — it starts at terraform plan.

With Policy as Code tools like #OPA, #Checkov, Snyk, and #Sentinel by HashiCorp, you can catch misconfigs before they deploy. 🛡️

🎥 https://youtube.com/shorts/C-2OJMFVz8c

#Terraform #HashiCorp #DevSecOps #PolicyAsCode
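The two ideas in the posts above, warnings as guardrails versus blocks as gates, and checking a plan before it is applied, fit in a single conftest-style Rego policy. This is an added example, not code from any of the posts or from the OPA, Checkov or Sentinel projects. It assumes the input is the JSON produced by `terraform show -json tfplan.binary > tfplan.json`, whose top-level `resource_changes` entries carry `type`, `address`, `change.actions` and `change.after`; the resource types, the `required_tags` set and the ports checked are illustrative choices.

```rego
# Added example policy (not from the posts above). Evaluate with:
#   conftest test --policy policy/ tfplan.json
# conftest reads `deny` rules as blocking failures and `warn` rules as
# non-blocking warnings, which gives the gate/guardrail split directly.
package main

import rego.v1

# Resources the plan will create or update. Deletions need no config review.
changed_resources contains rc if {
	some rc in input.resource_changes
	some action in rc.change.actions
	action in {"create", "update"}
}

# Gate: block a plan that makes an S3 bucket ACL public.
deny contains msg if {
	some rc in changed_resources
	rc.type == "aws_s3_bucket"
	rc.change.after.acl in {"public-read", "public-read-write"}
	msg := sprintf("%s: S3 bucket ACL %q is public", [rc.address, rc.change.after.acl])
}

# Gate: block an ingress rule that exposes SSH (port 22) to the whole internet.
deny contains msg if {
	some rc in changed_resources
	rc.type == "aws_security_group_rule"
	rc.change.after.type == "ingress"
	rc.change.after.from_port <= 22
	rc.change.after.to_port >= 22
	"0.0.0.0/0" in rc.change.after.cidr_blocks
	msg := sprintf("%s: SSH ingress open to 0.0.0.0/0", [rc.address])
}

# Guardrail: warn, but do not block, when governance tags are missing.
# The tag names are an assumption for this example.
required_tags := {"owner", "cost-center"}

warn contains msg if {
	some rc in changed_resources
	rc.type in {"aws_s3_bucket", "aws_instance"}
	tags := object.get(rc.change.after, "tags", {})
	missing := required_tags - {k | some k, _ in tags}
	count(missing) > 0
	msg := sprintf("%s: missing required tags %v", [rc.address, missing])
}
```

Starting with everything in `warn` and promoting a rule to `deny` once the team has seen how often it fires is the "start small, scale with warnings & blocks" path the first post describes; the same file can also be run with `opa eval -i tfplan.json -d policy/ "data.main.deny"` in a CI step that fails on a non-empty set.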


Nicholaos Mouzourakis at Gusto has been a long-time contributor to #OPA, and has written some of the best blogs on #Rego we've read. Turns out he is just as great talking about it on video! Just published on YouTube, "Super-Scaling Open Policy Agent with Batch Queries" is a deep-dive into an advanced OPA topic, explained well enough to be interesting to most. Hosted by the ever excellent Bart Farrell. Recommended!

https://www.youtube.com/watch?v=b6aTh2Qn4tA

#CloudNative #CNCF #DevOps #DevSecOps #PolicyAsCode

Super-Scaling Open Policy Agent with Batch Queries, with Nicholaos Mouzourakis | KubeFM


A new #Regal release is out! Featuring 4 new linter rules, and a bunch of performance improvements along with the usual fixes. I'm particularly happy about the new "narrow-argument" rule, as I don't know many tools that do that type of analysis for any language. It's an optional rule though, so make sure to enable it if you want to try it out!

https://github.com/StyraInc/regal/releases/tag/v0.33.1

#OPA #Rego #CloudNative #CodeQuality #PolicyAsCode

Release v0.33.1 · StyraInc/regal

This release adds 4 new linter rules to Regal, alongside significant performance improvements and several bug fixes. New Rule: in-wildcard-key Using a wildcard variable (_) for the key in the key-v...


The #KubeCon recordings are now on YouTube! We'll be posting links to all the #OpenPolicyAgent related ones as we watch them. First out is the #OPA maintainer track session, where @charlieegan3 and @anderseknert give a short introduction to OPA and Rego, followed by a deep-dive into recent performance improvements, and a sneak peek at the project roadmap. Check it out!

https://www.youtube.com/watch?v=XtA-NKoJDaI

#CloudNative #CNCF #DevOps #DevSecOps #PolicyAsCode

Open Policy Agent (OPA) Intro & Deep Dive - Charlie Egan & Anders Eknert, Styra
