OpenTelemetry Spans Explained: Deconstructing Distributed Tracing
Understand how OpenTelemetry Spans capture, connect, and explain every operation in your distributed system for deeper visibility.
Updates from The Open Source Security Foundation (OpenSSF) is a... Link
Story
@laura_garcia shared a post, 4 months, 3 weeks ago
Software Developer, RELIANOID
🔁 In case you missed it:Incident Response in 2025: Lessons Learned
🔁 In case you missed it: Our August blog post — “Incident Response in 2025: Lessons Learned” — looks back at a summer marked by major cyber incidents, from supply chain disruptions to large-scale data breaches. Discover how AI-driven detection, faster response strategies, and new resilience tools ar..
Link
@anjali shared a link, 4 months, 3 weeks ago
Customer Marketing Manager, Last9
Top 9 APM Tools for Node.js Performance Monitoring
Compare top APM tools for Node.js — from open-source options to enterprise-grade platforms — and choose the best fit for your stack.
Link
@anjali shared a link, 4 months, 3 weeks ago
Customer Marketing Manager, Last9
Top 11 Ruby APM Tools for 2025: A Performance-Driven Selection
Explore the top Ruby APM tools for 2025 — from open-source to enterprise — to monitor, trace, and optimize your app’s performance.
Story
@laura_garcia shared a post, 4 months, 3 weeks ago
Software Developer, RELIANOID
🔐 Defense-in-depth is no longer a theory—it's a necessity in industrial networks.
In our latest article, we explore how industrial sectors are implementing network segmentation and microsegmentation to protect critical systems. From vertical and horizontal segmentation models to modern OT firewalls and IoT gateways, we break down the architectures and tools driving zero-trust in ..
Story
@laura_garcia shared a post, 4 months, 3 weeks ago
Software Developer, RELIANOID
🌍 RELIANOID at DevOpsDays Almaty 2025 | 24 October | Almaty, Kazakhstan
DevOpsDays — a global series of technical conferences uniting software development and IT operations professionals — is coming to Almaty on 24 October 2025! 🎉 This event will gather local and international experts, engineers, and businesses to share insights, drive collaboration, and grow the DevOp..
Story
@laura_garcia shared a post, 4 months, 3 weeks ago
Software Developer, RELIANOID
🚨 Cyberattack on Qantas exposed growing threats to aviation
A few months ago, up to 6 million customers were affected through a third-party data breach — reportedly linked to Scattered Spider, a group notorious for social engineering and supply chain attacks. 🔍 The takeaway? The weakest link often lies outside the organization. ✈️ At RELIANOID, we helped air..
News FAUN.dev() Team Trending
@devopslinks shared an update, 4 months, 3 weeks ago
FAUN.dev()
AWS Outage: A Single Cloud Region Shouldn’t Take Down the World. But It Did.
A major AWS outage disrupted high-profile services like Amazon, Snapchat, and Disney+, affecting over 70 AWS services and causing widespread operational issues.
Link
@varbear shared a link, 4 months, 3 weeks ago
FAUN.dev()
GitHub MCP Registry: The fastest way to discover AI tools
GitHub rolled out theMCP Registry—a hub for findingModel Context Protocol (MCP) serverswithout hunting through scattered corners of the internet. No more siloed lists or mystery URLs. It's all in one place now. The goal? Cleaner access to AI agent tools, plus a path towardself-publishing, thanks to .. read more
Link
@varbear shared a link, 4 months, 3 weeks ago
FAUN.dev()
Nine HTTP Edge Cases Every API Developer Should Understand
Last February, CVE-2024-26141 punched a nasty hole inRack's Range header parsing. All versions since 1.3.0 are exposed. The bug let attackers blow up memory usage and responses—classic denial-of-service—just by crafting bloated Range headers. The trick? Custom file download handlers. They skip the u.. read more
OpenSSF was launched in 2021 and operates under the Linux Foundation, combining efforts from earlier initiatives such as the Core Infrastructure Initiative (CII) and industry-led supply chain security programs. Its mission is to make open source software more trustworthy, resilient, and secure by default, without placing unrealistic burdens on maintainers.
The foundation works across several key areas:
- Supply chain security: Developing frameworks, best practices, and tools to secure the software lifecycle from source to deployment. This includes stewardship of projects like sigstore and leadership on SLSA (Supply-chain Levels for Software Artifacts).
- Security tooling: Supporting and incubating open source tools that help developers detect, prevent, and remediate vulnerabilities at scale.
- Vulnerability management: Improving how vulnerabilities are discovered, disclosed, scored, and fixed across open source projects.
- Education and best practices: Publishing guidance, training, and maturity models such as the OpenSSF Best Practices Badge Program, which helps projects assess and improve their security posture.
- Metrics and research: Advancing data-driven approaches to understanding open source security risks and ecosystem health.
OpenSSF operates through working groups and special interest groups (SIGs) that focus on specific problem areas like securing builds, improving dependency management, or automating provenance generation. This structure allows practitioners to collaborate on concrete, actionable solutions rather than high-level policy alone.
By aligning maintainers, enterprises, and security teams, OpenSSF plays a central role in reducing large-scale risks such as dependency confusion, compromised build systems, and malicious package injection. Its work underpins many modern DevSecOps and cloud-native security practices and is increasingly referenced by governments and enterprises as a baseline for secure software development.
