Docker Brings Production-Grade Hardened Images to Developers at No Cost
Docker has launched Docker Hardened Images, a secure and minimal set of production-ready images. These images are now freely available to developers.
Updates from The Open Source Security Foundation (OpenSSF) is a...
Link
@anjali shared a link, 2 months, 2 weeks ago
Customer Marketing Manager, Last9
OTel Updates: OpenTelemetry Deprecates Zipkin Exporters
OpenTelemetry deprecates Zipkin exporters in favor of native OTLP support. Migration paths and timeline through December 2026.
News FAUN.dev() Team
@kaptain shared an update, 2 months, 2 weeks ago
FAUN.dev()
Argo CD 3.2.2 Improves Secret Management, Retry Safety, and Auth Checks
ArgoCD v3.2.2 has been released, featuring a new addition, two enhancements, and a bug fix. This update aims to improve the overall functionality and reliability of the platform.
News FAUN.dev() Team
@devopslinks shared an update, 2 months, 2 weeks ago
FAUN.dev()
Rust Confirmed for Linux Kernel: Experiment Concludes Successfully
The Rust experiment in the Linux kernel concludes, confirming its suitability and permanence in kernel development, with Rust now used in production and supported by major Linux distributions.
Course
@eon01 published a course, 2 months, 2 weeks ago
Founder, FAUN.dev
News FAUN.dev() Team
@kaptain shared an update, 2 months, 2 weeks ago
FAUN.dev()
Kubernetes v1.35 Timbernetes Release: 60 Enhancements
Kubernetes v1.35, the Timbernetes Release, debuts with 60 enhancements, including stable in-place Pod updates and beta features for workload identity and certificate rotation.
Activity
@kaptain added a new tool Kubernetes Gateway API , 2 months, 2 weeks ago.
News FAUN.dev() Team
@kala shared an update, 2 months, 2 weeks ago
FAUN.dev()
Google Releases Magika 1.0: AI File Detection in Rust
Google releases Magika 1.0, an AI file detection system rebuilt in Rust for improved performance and security.
News FAUN.dev() Team
@kala shared an update, 2 months, 2 weeks ago
FAUN.dev()
Google’s Cloud APIs Become Agent-Ready with Official MCP Support
Google supports the Model Context Protocol to enhance AI interactions across its services, introducing managed servers and enterprise capabilities through Apigee.
OpenSSF was launched in 2021 and operates under the Linux Foundation, combining efforts from earlier initiatives such as the Core Infrastructure Initiative (CII) and industry-led supply chain security programs. Its mission is to make open source software more trustworthy, resilient, and secure by default, without placing unrealistic burdens on maintainers.
The foundation works across several key areas:
- Supply chain security: Developing frameworks, best practices, and tools to secure the software lifecycle from source to deployment. This includes stewardship of projects like sigstore and leadership on SLSA (Supply-chain Levels for Software Artifacts).
- Security tooling: Supporting and incubating open source tools that help developers detect, prevent, and remediate vulnerabilities at scale.
- Vulnerability management: Improving how vulnerabilities are discovered, disclosed, scored, and fixed across open source projects.
- Education and best practices: Publishing guidance, training, and maturity models such as the OpenSSF Best Practices Badge Program, which helps projects assess and improve their security posture.
- Metrics and research: Advancing data-driven approaches to understanding open source security risks and ecosystem health.
OpenSSF operates through working groups and special interest groups (SIGs) that focus on specific problem areas like securing builds, improving dependency management, or automating provenance generation. This structure allows practitioners to collaborate on concrete, actionable solutions rather than high-level policy alone.
By aligning maintainers, enterprises, and security teams, OpenSSF plays a central role in reducing large-scale risks such as dependency confusion, compromised build systems, and malicious package injection. Its work underpins many modern DevSecOps and cloud-native security practices and is increasingly referenced by governments and enterprises as a baseline for secure software development.
