TNS
VOXPOP
How has the recent turmoil within the OpenAI offices changed your plans to use GPT in a business process or product in 2024?
Increased uncertainty means we are more likely to evaluate alternative AI chatbots and LLMs.
0%
No change in plans, though we will keep an eye on the situation.
0%
With Sam Altman back in charge, we are more likely to go all-in with GPT and LLMs.
0%
What recent turmoil?
0%
 
Cloud Native Ecosystem Containers Edge Computing Microservices Networking Serverless Storage
Microsoft’s New .NET Dev Tool Draws Community Support
Nov 30th 2023 8:54am, by Darryl K. Taft
Amazon S3 Express One Zone Introduces Near-Real Time Object Storage
Nov 28th 2023 1:20pm, by Joab Jackson
Cloud Native Users Struggle to Achieve Benefits, Report Says
Nov 28th 2023 5:00am, by Charles Humble
Multicloud Architecture: What I Want to See
Nov 17th 2023 10:19am, by Robert Sonders
Create a Movie Recommendation Engine with Milvus and Python
Nov 17th 2023 9:32am, by Gourav Singh Bais
Demystifying Container Security for Developers
Nov 28th 2023 12:21pm, by David Benas
Why Securing Containers Is Like Going to the Dentist
Nov 17th 2023 7:09am, by Neta Krakover
Dell GA's APEX Cloud Platform for Red Hat OpenShift
Nov 2nd 2023 11:00am, by Chris J. Preimesberger
Lynis: Run a Security Audit on Linux for Free
Oct 28th 2023 6:00am, by Jack Wallen
Why Capistrano Got Usurped by Docker and Then Kubernetes
Oct 25th 2023 1:53pm, by David Eastman
Arm Pushes AI into the Smallest IoT Devices with Cortex-M52 Chip
Nov 27th 2023 1:06pm, by Jeffrey Burt
TikTok to Open Source 'Cloud-Neutralizing' Edge Accelerator
Nov 20th 2023 8:30am, by Joab Jackson
Docker at the Edge: How Machine Learning Transformed Fowl Task
Nov 9th 2023 10:28am, by Loraine Lawson
The 2023 State of Kubernetes in Production
Nov 7th 2023 8:10am, by Jennifer Riggins
Edge AI: How to Make the Magic Happen with Kubernetes
Sep 14th 2023 4:00am, by Saad Malik
Securing Microservices Communication with mTLS in Kubernetes
Nov 28th 2023 3:00am, by Robert Kimani
AppMap Releases Runtime Code Review as a GitHub Action
Nov 21st 2023 3:00am, by Susan Hall
Why Microservices Aren’t Working for You
Nov 20th 2023 6:34am, by Ned Harris
The Struggle for Microservice Integration Testing
Nov 10th 2023 6:30am, by Nočnica Mellifera
Docker at the Edge: How Machine Learning Transformed Fowl Task
Nov 9th 2023 10:28am, by Loraine Lawson
Why Is IPv6 Adoption Slow?
Nov 13th 2023 9:20am, by Tucker Preston
Effective Traffic Management with Kubernetes Gateway API Policies
Nov 7th 2023 3:00am, by Robert Kimani
Enhancing Kubernetes Networking with the Gateway API
Nov 3rd 2023 3:30am, by Robert Kimani
Cilium CNCF Graduation Could Mean Better Observability, Security with eBPF
Oct 13th 2023 4:00am, by B. Cameron Gain
Performant and Programmable Telco Networking with eBPF
Aug 11th 2023 10:00am, by Bill Mulligan
Netlify Launches Composable Web Platform for Enterprise Devs
Oct 19th 2023 9:00am, by Richard MacManus
4 Factors of a WebAssembly Native World
Oct 12th 2023 9:00am, by Liam Crilly
Raising the Serverless Bar: Infrastructure APIs Unleash More Value for Enterprises
Oct 10th 2023 10:00am, by Tyson Trautmann
The Security-First Mindset to Unlocking the AWS Opportunity 
Aug 9th 2023 8:14am, by David Melamed
3 Reasons Why Teams Move Away from AWS Lambda
Jul 18th 2023 10:00am, by Jonathan Michaux
Amazon S3 Express One Zone Introduces Near-Real Time Object Storage
Nov 28th 2023 1:20pm, by Joab Jackson
How Epic Games Revs up Unreal Engine 'Cook Time' for Devs
Nov 28th 2023 7:20am, by Cynthia Dunlop
How to Get Data Warehouse Performance on the Data Lakehouse
Nov 20th 2023 9:00am, by Sida Shen
MongoDB vs. ScyllaDB: A Comparison of Database Architectures
Nov 13th 2023 1:06pm, by Daniel Seybold
Doing DynamoDB Better, More Affordably, All at Once
Oct 30th 2023 11:00am, by Tzach Livyatan and Felipe Cardeneti Mendes
AI Frontend Development Software Development TypeScript WebAssembly Cloud Services Data Security
How to Mature Your DevOps Automation Practices
Nov 30th 2023 6:32am, by
Tackling AI's Black Box: Howso Challenges PyTorch and JAX
Nov 30th 2023 3:00am, by
How to Easily Add AI to Your Applications
Nov 28th 2023 10:44am, by
Docker CTO Explains How Docker Can Support AI Efforts
Nov 28th 2023 10:09am, by
Arm Pushes AI into the Smallest IoT Devices with Cortex-M52 Chip
Nov 27th 2023 1:06pm, by
Tackling AI's Black Box: Howso Challenges PyTorch and JAX
Nov 30th 2023 3:00am, by
The State of the Open Web: 3 Takeaways Heading into 2024
Nov 29th 2023 10:26am, by
Dev News: Vite Rust-ifies, Roc Language, JS Framework SDKs
Nov 24th 2023 7:30am, by
React Panel: Frontend Should Embrace React Server Components
Nov 23rd 2023 9:30am, by
How Qwik’s Astro Integration Beats Both React and Vanilla JS
Nov 23rd 2023 8:47am, by
Breaking Down the Wall in DevOps
Dec 1st 2023 5:30am, by
Hey Programming Language Developer — Get over Yourself
Nov 30th 2023 12:30pm, by
Microsoft’s New .NET Dev Tool Draws Community Support
Nov 30th 2023 8:54am, by
Thinking in Systems: A Sociotechnical Approach to DevOps
Nov 30th 2023 8:22am, by
How to Use Python If-Else Statements
Nov 30th 2023 5:00am, by
How to Get Advantages of TypeScript in JavaScript
Oct 27th 2023 10:51am, by
Dev News: Udemy's New Docker Program, Plus TypeScript Beta
Oct 7th 2023 5:01am, by
The Angular Renaissance: Why Frontend Devs Should Revisit It
Sep 26th 2023 8:15am, by
Dev News: A 'Nue' Frontend Dev Tool; Panda and Bun Updates
Sep 16th 2023 4:00am, by
Dev News: Svelte 5 vs. VanillaJS and Google’s Project IDX
Aug 12th 2023 8:00am, by
Why WebAssembly Is a Good Fit for Extensible Control Planes
Nov 29th 2023 1:36pm, by
Dev News: Vite Rust-ifies, Roc Language, JS Framework SDKs
Nov 24th 2023 7:30am, by
WebAssembly's Status in Computing
Nov 14th 2023 11:14am, by
Who's Leading WebAssembly Adoption? So Far, Vendors
Nov 6th 2023 6:00am, by
Can Kubernetes Solve WebAssembly's Component Challenges?
Nov 2nd 2023 7:13am, by
4 Guidelines to Tame Your Hybrid Cloud Migration
Nov 30th 2023 8:00am, by
Amazon Q, a GenAI to Understand AWS (and Your Business Docs)
Nov 29th 2023 8:47am, by
VMware Unveils a Pile of New Data Services for Its Cloud
Nov 22nd 2023 8:44am, by
A Guide to Migrating to the AWS Identity Center
Nov 20th 2023 12:00pm, by
How to Manage Cloud Services with Terraform
Nov 20th 2023 9:34am, by
Tackling AI's Black Box: Howso Challenges PyTorch and JAX
Nov 30th 2023 3:00am, by
Docker CTO Explains How Docker Can Support AI Efforts
Nov 28th 2023 10:09am, by
How Epic Games Revs up Unreal Engine 'Cook Time' for Devs
Nov 28th 2023 7:20am, by
How Discord Scales up to Millions of Users on a Single Guild (Server)
Nov 28th 2023 6:00am, by
Puzzling over the Postgres Query Planner with LLMs
Nov 27th 2023 9:27am, by
Mitigate OWASP Security Top Threats with an API Gateway
Nov 29th 2023 10:40am, by
How Cilium’s Mutual Authentication Can Compromise Security
Nov 29th 2023 9:14am, by
How a Popular Combo Provides DDoS Protection
Nov 29th 2023 8:12am, by
Demystifying Container Security for Developers
Nov 28th 2023 12:21pm, by
Securing Microservices Communication with mTLS in Kubernetes
Nov 28th 2023 3:00am, by
Platform Engineering Operations CI/CD Tech Life DevOps Kubernetes Observability Service Mesh
Measuring the Impact of Your Platform Engineering Strategy
Nov 30th 2023 9:30am, by David Williams
How to Mature Your DevOps Automation Practices
Nov 30th 2023 6:32am, by Saif Gunja
Cloud Native Users Struggle to Achieve Benefits, Report Says
Nov 28th 2023 5:00am, by Charles Humble
A Shortcut to Building an Enterprise-Grade Developer Platform
Nov 27th 2023 10:02am, by Luca Galante
How to Be an Effective Platform Engineering Team
Nov 22nd 2023 6:53am, by Nočnica Mellifera
How Meta Patches Linux at Hyperscale
Dec 1st 2023 3:00am, by Steven J. Vaughan-Nichols
How a Popular Combo Provides DDoS Protection
Nov 29th 2023 8:12am, by Andrey Slastenov
Does Kubernetes Really Perform Better on Bare Metal vs. VMs?
Nov 24th 2023 6:30am, by Oleg Zinovyev
Two Easy Ways to Improve Your Website Homepage
Nov 21st 2023 11:00am, by Andy Corrigan
5 Ways to Supercharge Incident Remediation with Automation
Nov 21st 2023 9:30am, by Greg Chase
How to Observe Your CI/CD Pipelines with OpenTelemetry
Nov 28th 2023 7:40am, by Adriana Villela and Reese Lee
How to Use Databases Inside GitHub Actions
Nov 9th 2023 9:40am, by Gerald Venzl
Securing CI/CD Pipelines: A Comprehensive Approach Is Vital
Oct 25th 2023 6:06am, by Noah Simon
Continuous Release: Move Faster without Breaking Things
Oct 19th 2023 10:55am, by Karishma Irani
No Workflow Is an Island
Oct 13th 2023 7:09am, by Mark Fussell
Tech Works: How to Build a Life-Long Career in Engineering
Dec 1st 2023 5:00am, by Jennifer Riggins
How to Use Python If-Else Statements
Nov 30th 2023 5:00am, by Jack Wallen
Tic-Tac-Toe with Python and Tkinter
Nov 29th 2023 9:46am, by Jessica Wachtel
Meet ‘Anna Boyko’: How a Fake Speaker Blew up DevTernity
Nov 28th 2023 11:24am, by Richard Gall
Cloud Native Users Struggle to Achieve Benefits, Report Says
Nov 28th 2023 5:00am, by Charles Humble
Breaking Down the Wall in DevOps
Dec 1st 2023 5:30am, by Laura Santamaria
Top 5 Best Practices for Naming OpenTelemetry Attributes
Dec 1st 2023 4:00am, by Carl Brahms
Thinking in Systems: A Sociotechnical Approach to DevOps
Nov 30th 2023 8:22am, by Tao Hansen
4 Guidelines to Tame Your Hybrid Cloud Migration
Nov 30th 2023 8:00am, by Silvia Davis
How to Mature Your DevOps Automation Practices
Nov 30th 2023 6:32am, by Saif Gunja
Microsoft’s New .NET Dev Tool Draws Community Support
Nov 30th 2023 8:54am, by Darryl K. Taft
Why WebAssembly Is a Good Fit for Extensible Control Planes
Nov 29th 2023 1:36pm, by Charles Humble
How Cilium’s Mutual Authentication Can Compromise Security
Nov 29th 2023 9:14am, by Christian Posta
OpenTelemetry for Go Is Almost a Go
Nov 29th 2023 7:22am, by B. Cameron Gain
Securing Microservices Communication with mTLS in Kubernetes
Nov 28th 2023 3:00am, by Robert Kimani
Top 5 Best Practices for Naming OpenTelemetry Attributes
Dec 1st 2023 4:00am, by Carl Brahms
Hey Programming Language Developer — Get over Yourself
Nov 30th 2023 12:30pm, by Alex Williams
OpenTelemetry for Go Is Almost a Go
Nov 29th 2023 7:22am, by B. Cameron Gain
How to Observe Your CI/CD Pipelines with OpenTelemetry
Nov 28th 2023 7:40am, by Adriana Villela and Reese Lee
5 Ways to Supercharge Incident Remediation with Automation
Nov 21st 2023 9:30am, by Greg Chase
Using JWTs to Authenticate Services Unravels API Gateways
Nov 8th 2023 6:53am, by Christian Posta and Peter Jausovec
Enhancing Kubernetes Networking with the Gateway API
Nov 3rd 2023 3:30am, by Robert Kimani
Linkerd Enterprise Creators: Keep the Sidecar Mesh
Oct 31st 2023 7:05am, by B. Cameron Gain
Scaling Environments with OpenTelemetry and Service Mesh
Oct 17th 2023 11:13am, by Anirudh Ramanathan
Kubernetes 1.28 Accommodates the Service Mesh, Sudden Outages
Aug 18th 2023 10:08am, by Joab Jackson
Cloud Native Ecosystem / Cloud Services / Containers

CNCF Brings Security to the Cloud Native Stack with Notary, TUF Adoption

Oct 24th, 2017 12:01am by
Featued image for: CNCF Brings Security to the Cloud Native Stack with Notary, TUF Adoption

The Cloud Native Computing Foundation continues to vigorously build its portfolio of open source cloud-native technologies. CNCF’s Technical Oversight Committee voted to accept both the Docker-developed Notary trusted content framework and the specification Notary was built on, TUF, as the 13th and 14th hosted projects, respectively.

The organizations announced the new members at the Open Source Summit Europe, being held this week in Prague.

Notary at a Glance

  • 865 GitHub stars
  • 156 forks
  • 45 contributors
  • 8 maintainers
  • 2600+ commits
  • 34 releases

Released by Docker in 2015, Notary manages the metadata needed to ensure the integrity of container image updates, even those on untrusted networks and linked to compromised registries. The software allows developers to sign applications at every step of development, blocking malicious content from being injected into the workflow.

Notary provides both a client and a pair of server applications to host signed metadata and signing duties. It is included in both the Docker Enterprise Edition and Community Edition and is a component of Docker’s Moby Project.

The interactions between the Notary client, server, and signer.

Huawei, Motorola Solutions, VMWare, LinuxKit, Quay, and Kubernetes also use Notary.

TUF at a Glance

  • 517 GitHub stars
  • 74 forks
  • 27+ contributors
  • 2700+ commits

Notary is based on The Update Framework (TUF) specification, a specification originally designed to secure software updates across distributed systems. TUF provides a design to keep resources secure even when cryptographic keys or servers are compromised. TUF predates the current popularity of containers and was originally developed for any form of software distribution.

The Kolide monitoring platform uses a TUF implementation to securely distribute osquery through an auto-updater.

TUF was originally written in 2009 by New York University Professor Justin Cappos and developed further by Cappos’s Secure Systems Lab at NYU’s Tandon School of Engineering.

Notary and TUF join the following CNCF projects Kubernetes, Prometheus, OpenTracing, Fluentd, linkerd, gRPC, CoreDNS, containerd, rkt, CNI, Envoy, and Jaeger.

The Cloud Native Computing Foundation is a sponsor of The New Stack.

Feature image via Pixabay.

TRENDING STORIES
Group Created with Sketch.
Joab Jackson is a senior editor for The New Stack, covering cloud native computing and system operations. He has reported on IT infrastructure and development for over 25 years, including stints at IDG and Government Computer News. Before that, he...
Read more from Joab Jackson
SHARE THIS STORY
TRENDING STORIES
TNS owner Insight Partners is an investor in: The New Stack, Docker.
TRENDING STORIES
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.