Join us

FAUN.dev() is where engineers from GitHub, Netflix, and Shopify go to stay ahead — fast.

An effortless, straightforward way to keep up with technologies...so you can keep your tabs closed and your mind open!

70,000+ developers already joined our ecosystem ⭐⭐⭐⭐⭐
Trusted by engineers at:

Google • Microsoft • AWS • Netflix

Sigstore

Sigstore is an open source project that provides free, automated, and cryptographically verifiable signing for software artifacts, with a strong focus on supply chain security.

Featured Course(s)

DevSecOps in Practice

A Hands-On Guide to Operationalizing DevSecOps at Scale

> Get Your Copy

Content

Updates and recent posts about Sigstore..

Posts
Description

Story

@laura_garcia shared a post, 8 months, 1 week ago

Software Developer, RELIANOID

🌐 NIS2 is reshaping cybersecurity compliance across Europe.

At RELIANOID, we are fully aligned and compliant with NIS2 requirements, helping organizations strengthen their security posture. 👉 Explore more: https://www.relianoid.com/security-compliances/relianoid-nis2-compliance/ #NIS2#CyberSecurity#Compliance#Regulation#EUCompliance#InfoSec#DataProtection#Go..

nis2 compliance RELIANOID

Story

@ketbostoganashvili shared a post, 8 months, 1 week ago

Technical Content Writer

Send emails with Vercel and Mailtrap

#transac... #email m... #vibe co... #send em... #Nocode

Learn how to integrate Mailtrap with your Vercel-hosted applications to send transactional emails with reliable delivery and comprehensive analytics.

Story

@ketbostoganashvili shared a post, 8 months, 1 week ago

Technical Content Writer

Send emails with Bolt.new and Mailtrap

#transac... #email m... #send em... #vibe co... #Nocode

Learn how to integrate Mailtrap with your Bolt.new application to send transactional emails and manage contacts without writing complex code.

Link

@anjali shared a link, 8 months, 1 week ago

Customer Marketing Manager, Last9

APM for Kubernetes: Monitor Distributed Applications at Scale

Understand Kubernetes APM by linking request flows with pod, node, and cluster data to get complete visibility at scale.

Story

@laura_garcia shared a post, 8 months, 2 weeks ago

Software Developer, RELIANOID

🌊 Load Balancing Smart Wave with RELIANOID — Built for Marine Telemetry

The Smart Wave platform is key for real-time telemetry from offshore buoys, vessels, and coastal stations. But how do you ensure it performs reliably — even over satellite links? We've published a new technical guide showing how to load balance Smart Wave using RELIANOID: ✅ MQTT & TCP ingestion for ..

Knowledge base_how to load balance SMART WAVE_blue economy

Link

@faun shared a link, 8 months, 2 weeks ago

FAUN.dev()

Claude Code Ushers in a New Era of Agentic Programming

The rapid evolution of agentic coding is transforming software development, moving beyond traditional methods to intelligent, autonomous systems. Anthropic's Claude Code represents a significant leap in AI assistance for developers, shifting the paradigm from direct text manipulation to hands-off co.. read more

Link

@faun shared a link, 8 months, 2 weeks ago

FAUN.dev()

My Own DNS Server At Home

RunningBIND on Fedora with Podmanputs you in the driver’s seat—local DNS, full zone control, and no third-party middlemen. It handles staticforward/reverse zonesacross multiple IPv4 subnets, skips the mess of dynamic updates, and plugs into your router as a recursiveforwarding resolver. Call it a se.. read more

My Own DNS Server At Home

Link

@faun shared a link, 8 months, 2 weeks ago

FAUN.dev()

Vibe Coding Will Break Your Enterprise

Tools likeReplitandLovableare fine for quick hacks. Not for enterprise. They can’t handle service integration, durable state, or transactions that don’t fall apart. What enterprises need: realagentic systems. These aren’t glorified code editors—they’re stateful, resilient operators. They juggle work.. read more

Vibe Coding Will Break Your Enterprise

Link

@faun shared a link, 8 months, 2 weeks ago

FAUN.dev()

Redis to acquire Decodable

Redis is buyingDecodable, the real-time streaming startup, to crank up itsRedis Data Integration (RDI)and beef up real-time data ingestion. Decodable’s stack lands in Redis Cloud first, syncing outside data into Redis fast enough to feed hungry AI agents real context. What's really happening:Redis i.. read more

Redis to acquire Decodable

Link

@faun shared a link, 8 months, 2 weeks ago

FAUN.dev()

Closer to the Metal: Leaving Playwright for CDP

The Browser-Use crew ditched Playwright and went straight to the Chrome DevTools Protocol. Why? Speed. Way faster element scraping, screenshots, and async automation. They didn't stop there—cooked up a custom CDP Python client with strong type safety, an event-driven core, and real support for crash.. read more

Closer to the Metal: Leaving Playwright for CDP

Sigstore is an open source initiative designed to make software artifact signing and verification simple, automatic, and widely accessible. Its primary goal is to improve software supply chain security by enabling developers and organizations to cryptographically prove the origin and integrity of the software they build and distribute.

At its core, sigstore removes many of the traditional barriers associated with code signing. Instead of managing long-lived private keys manually, sigstore supports keyless signing, where identities are issued dynamically using OpenID Connect (OIDC) providers such as GitHub Actions, Google, or Microsoft. This dramatically lowers operational complexity and reduces the risk of key compromise.

The sigstore ecosystem is composed of several key components:

- Cosign: A tool for signing, verifying, and storing signatures for container images and other artifacts. Signatures are stored alongside artifacts in OCI registries, rather than embedded in them.

- Fulcio: A certificate authority that issues short-lived X.509 certificates based on OIDC identities, enabling keyless signing.

- Rekor: A transparency log that records signing events in an append-only, tamper-evident ledger. This provides public auditability and detection of suspicious or malicious signing activity.

Together, these components allow anyone to verify who built an artifact, when it was built, and whether it has been tampered with, using publicly verifiable cryptographic proofs. This aligns closely with modern supply chain security practices such as SLSA (Supply-chain Levels for Software Artifacts).

sigstore is widely adopted in the cloud-native ecosystem and integrates with tools like Kubernetes, container registries, CI/CD pipelines, and package managers. It is commonly used to sign container images, Helm charts, binaries, and SBOMs, and is increasingly becoming a baseline security requirement for production software delivery.

The project is governed by the OpenSSF (Open Source Security Foundation) and supported by major industry players.