Updates and recent posts about Sigstore.
Link
@cadet15789 shared a link, 1 month ago
IT

Cut Your Docker Build Time in Half: 6 Essential Optimization Techniques

Pro tips to write dockerfiles. Cut your build timing of your images by half.

Dockerfiles
Story
@laura_garcia shared a post, 1 month ago
Software Developer, RELIANOID

The JLR Cyber Incident: A Warning Shot for the Automotive Industry

The major cyberattack that halted Jaguar Land Rover’s production for almost six weeks has exposed a hard truth: modern automotive manufacturing is deeply vulnerable to digital disruption. From frozen assembly lines to supplier chaos and regional economic fallout, the incident showed how quickly a si..

Link
@anjali shared a link, 1 month ago
Customer Marketing Manager, Last9

What is AWS Fargate for Amazon ECS?

Understand how AWS Fargate runs your ECS containers without servers—just define CPU, memory, and networking, and AWS handles the compute.

Story
@shurup shared a post, 1 month ago
@palark

Helm v4 new features and changes

Helm

Helm v4 has been released a week ago. Its highlights are: - Server-Side Apply instead of 3-Way Merge - WASM plugins - Using kstatus for resource tracking - Content-based chart caching This article provides a detailed overview of why these changes were made in Helm v4 and what they bring for Helm user..

Story
@laura_garcia shared a post, 1 month ago
Software Developer, RELIANOID

✈️ Ensuring Efficiency and Security in Airport Operations

Today we highlight our main diagram “Airport Software Systems”, showcasing how integrated airport management platforms —from AODB to landside & airside operations, billing, and information systems— work together to ensure efficient and secure airport operations. We also explain how load balancing en..

Airport Software Systems
Link
@anjali shared a link, 1 month ago
Customer Marketing Manager, Last9

OTel Updates: Complex Attributes Now Supported Across All Signals

OTLP 1.9.0 adds support for maps, arrays, and byte arrays across all OTel signals. Here's when to use complex attributes and when to stick with flat.

Story
@laura_garcia shared a post, 1 month ago
Software Developer, RELIANOID

SOC 2 Compliance

📢 At RELIANOID, we follow SOC 2 Trust Service Criteria to ensure Security, Availability, Confidentiality, Processing Integrity, and Privacy across our load balancing solutions — whether on-prem, cloud, or hybrid. Our controls align with the needs of highly regulated environments such as finance, hea..

Link
@varbear shared a link, 1 month ago
FAUN.dev()

Chinese Hackers Use Anthropic's AI to Launch Automated Cyber Espionage Campaign

Chinese state-backed threat actors orchestrated automated cyber attacks using AI technology developed by Anthropic in a highly refined espionage campaign in mid-September 2025. The attackers leveraged AI to execute 80-90% of tactical operations independently at physically impossible request rates, markin..
Link
@varbear shared a link, 1 month ago
FAUN.dev()

10 MCP Servers to Optimize Developer Workflows

The Model Context Protocol (MCP) wires AI agents into real-world dev workflows, think pushing to GitHub, deploying APIs, tweaking Docker, all straight from the code editor. MCP servers like GitHub MCP, Apidog MCP, and Supabase MCP plug into popular tools and infra. They let LLMs update code, ship APIs..
Link
@varbear shared a link, 1 month ago
FAUN.dev()

Zigbook – Learn the Zig Programming Language

Learning Zig is not just about adding a language to your resume. It is about fundamentally changing how you think about software. The book promise: “You came for syntax. You'll leave with a philosophy.”!..

Sigstore is an open source initiative designed to make software artifact signing and verification simple, automatic, and widely accessible. Its primary goal is to improve software supply chain security by enabling developers and organizations to cryptographically prove the origin and integrity of the software they build and distribute.

At its core, Sigstore removes many of the traditional barriers associated with code signing. Instead of managing long-lived private keys manually, Sigstore supports keyless signing, where identities are issued dynamically using OpenID Connect (OIDC) providers such as GitHub Actions, Google, or Microsoft. This dramatically lowers operational complexity and reduces the risk of key compromise.

The Sigstore ecosystem is composed of several key components:

- Cosign: A tool for signing, verifying, and storing signatures for container images and other artifacts. Signatures are stored alongside artifacts in OCI registries, rather than embedded in them.

- Fulcio: A certificate authority that issues short-lived X.509 certificates based on OIDC identities, enabling keyless signing.

- Rekor: A transparency log that records signing events in an append-only, tamper-evident ledger. This provides public auditability and detection of suspicious or malicious signing activity.

Together, these components allow anyone to verify who built an artifact, when it was built, and whether it has been tampered with, using publicly verifiable cryptographic proofs. This aligns closely with modern supply chain security practices such as SLSA (Supply-chain Levels for Software Artifacts).

Sigstore is widely adopted in the cloud-native ecosystem and integrates with tools like Kubernetes, container registries, CI/CD pipelines, and package managers. It is commonly used to sign container images, Helm charts, binaries, and SBOMs, and is increasingly becoming a baseline security requirement for production software delivery.

The project is governed by the OpenSSF (Open Source Security Foundation) and supported by major industry players.