VentureBeat

Free digital signing service aims to bolster software supply chain security

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More The bulk of code in today’s modern software artifacts is open-source in ...
Dark Reading

Linux Foundation Debuts Sigstore Project for Software Signing

The Linux Foundation today announced its launch of Sigstore, a new nonprofit initiative that aims to improve open source software supply chain security by making it easier for developers to adopt ...
ZDNet

Linux Foundation announces new open-source software signing service

The just-announced sigstore aims to improve the security of the software supply chain by enabling the easy adoption of cryptographic software signing backed by transparency log technologies. It will ...
InfoWorld

Sigstore: Roots of trust for software artifacts

Sigstore has become the default software signing method for everything from Kubernetes to NPM, Maven, and PyPi, verifying the integrity of more than a million open source packages. For the roughly ...
Computer Weekly

Linux Foundation sigstore finds ‘origins’ in software supply chains

The latest trends and issues around the use of open source software in the enterprise. The Linux Foundation announced the sigstore project this spring. Designed to improves the security of the ...