InfoQ11h ago

CEL-expr-python – the Common Expression Language (CEL) in #Python is now #opensource!

CEL is a non-Turing complete embedded policy and expression language built for simplicity, speed, safety, and portability.

Learn more on #InfoQhttps://bit.ly/3NQL4pU

#SoftwareDevelopment #Google #PolicyAsCode

InfoQFeb 2

#Cedar - an #opensource authorisation policy language and SDK - has officially joined the Cloud Native Computing Foundation (#CNCF) as a Sandbox project!

It aims to provide a vendor-neutral standard for defining and enforcing fine-grained permissions in modern applications.

Details here 👉 https://bit.ly/3LMktJP

#DevOps #PolicyAsCode #SoftwareSecurity #Governance #InfoQ

Reddit Tech VN BotDec 31

Giới thiệu dự án mã nguồn mở Endpoint State Policy (ESP), một giải pháp "Policy as Code" giúp quản lý và thực thi chính sách endpoint một cách tự động.

#opensource #policyascode #DevOps #security #mãnguồnmở #bảomật

https://www.reddit.com/r/opensource/comments/1q005zf/endpoint_state_policy_esp_policy_as_code/

All Things OpenDec 1

🚀 NEW on We ❤️ Open Source 🚀

Electric sheep need defenders. 🐑🔐 Brett Smith explores how SLSA helps secure the software supply chain, translating EO 14028 into a roadmap for resilient pipelines.

Read the article: https://allthingsopen.org/articles/supply-chain-robots-slsa-security

#WeLoveOpenSource #SLSA #FOSS #Cybersecurity #DevSecOps #PolicyAsCode

anchoreNov 6

Zero CVEs ≠ Zero Risk.

Misconfigurations & leaked secrets can take down an image faster than any exploit.

Anchore helps teams catch both.

By @JoshSopuru → https://anchore.com/blog/beyond-the-cve-deep-container-analysis-with-anchore/

#SBOM #ContainerSecurity #PolicyAsCode #SoftwareSupplyChain

anchoreOct 31

Policy failure—not zero-days—is the real weak link.

Anchore enforces what "secure" means before bad configs & secrets ever ship.

Read @JoshSopuru's Beyond the CVE: https://anchore.com/blog/beyond-the-cve-deep-container-analysis-with-anchore/

#SBOM #ContainerSecurity #PolicyAsCode #SoftwareSupplyChain

anchoreOct 29

Relying on CVE scans alone is like putting a padlock on a vault with the back door open.

Anchore goes beyond the CVE to secure configs, secrets & policies.

By @JoshSopuru 👉 https://anchore.com/blog/beyond-the-cve-deep-container-analysis-with-anchore/

#SBOM #ContainerSecurity #PolicyAsCode #SoftwareSupplyChain

OctoLaunchOct 14
Policy-as-code makes governance reproducible & automatable. Enforce image signing, vulnerability scanning, & validate resource quotas starting small & scaling with warnings & blocks #PolicyAsCode #Governance
OctoLaunchOct 7
Guardrails guide behavior, gates stop unsafe actions. Use guardrails for daily autonomy & gates for production-critical ops #Guardrails #PolicyAsCode
ValdemarMay 26, 2025

🚨 Security doesn't start in prod — it starts at terraform plan.

With Policy as Code tools like #OPA, #Checkov, Snyk, and #Sentinel by HashiCorp, you can catch misconfigs before they deploy. 🛡️

🎥 https://youtube.com/shorts/C-2OJMFVz8c

#Terraform #HashiCorp #DevSecOps #PolicyAsCode

Before you continue to YouTube