Updates and recent posts about Sigstore..

Posts
Description

Story

@laura_garcia shared a post, 3 weeks ago

Software Developer, RELIANOID

𝗧𝗵𝗲 𝗙𝘂𝘁𝘂𝗿𝗲 𝗼𝗳 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗦𝘁𝗮𝗿𝘁𝘀 𝗶𝗻 𝗟𝗼𝗻𝗱𝗼𝗻

🔐 𝗧𝗵𝗲 𝗙𝘂𝘁𝘂𝗿𝗲 𝗼𝗳 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗦𝘁𝗮𝗿𝘁𝘀 𝗶𝗻 𝗟𝗼𝗻𝗱𝗼𝗻 The 𝗚𝗮𝗿𝘁𝗻𝗲𝗿 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 & 𝗔𝗰𝗰𝗲𝘀𝘀 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝗦𝘂𝗺𝗺𝗶𝘁 𝟮𝟬𝟮𝟲 is almost here! On 𝗠𝗮𝗿𝗰𝗵 𝟵–𝟭𝟬 𝗶𝗻 𝗟𝗼𝗻𝗱𝗼𝗻, IAM leaders, security architects, and IT executives will gather to tackle the biggest challenges shaping modern identity security. From 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 𝗧𝗵𝗿𝗲𝗮𝘁 𝗗𝗲𝘁..

Gartner Identity and Access Management Summit 2026 london relianoid

Story

@viktoriiagolovtseva shared a post, 3 weeks, 1 day ago

A Free Jira Position Opening Template for Recruitment Teams

The quality of the hiring process defines the quality of the teams working in your organization. That’s why it’s paramount to ensure that this process is well-organized and built upon best practices. Using templates in Jira for recruitment tasks is a great way to achieve this. They allow you to document your approaches and policies, promote consistency, and simply save time.

In this article, we explain how to create a position opening template for Jira in two different ways. We also provide you with a reusable checklist template, which you can copy and paste into your Jira task. But first, let’s decide what type of template you need.

Story

@laura_garcia shared a post, 3 weeks, 1 day ago

Software Developer, RELIANOID

🔐 𝗠𝗼𝘀𝘁 𝗰𝗼𝗺𝗽𝗮𝗻𝗶𝗲𝘀 𝘁𝗵𝗶𝗻𝗸 𝗻𝗲𝘁𝘄𝗼𝗿𝗸 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗶𝘀 𝗮𝗯𝗼𝘂𝘁 𝘁𝗼𝗼𝗹𝘀.

🔐 𝗠𝗼𝘀𝘁 𝗰𝗼𝗺𝗽𝗮𝗻𝗶𝗲𝘀 𝘁𝗵𝗶𝗻𝗸 𝗻𝗲𝘁𝘄𝗼𝗿𝗸 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗶𝘀 𝗮𝗯𝗼𝘂𝘁 𝘁𝗼𝗼𝗹𝘀. Firewalls. WAFs. IDS. Monitoring platforms. But the truth is simpler: 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝘀𝘁𝗮𝗿𝘁𝘀 𝘄𝗶𝘁𝗵 𝗮𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲. At RELIANOID, we design our 𝗥𝗘𝗟𝗜𝗔𝗡𝗢𝗜𝗗 𝗟𝗼𝗮𝗱 𝗕𝗮𝗹𝗮𝗻𝗰𝗲𝗿 following the principles of 𝗜𝗦𝗢/𝗜𝗘𝗖 𝟮𝟳𝟬𝟯𝟯, the international framework for secure netwo..

Story

@laura_garcia shared a post, 3 weeks, 2 days ago

Software Developer, RELIANOID

🔎 Understanding IP Forwarding and Security

When deploying load balancers, gateways, or firewalls, IP forwarding directly impacts how traffic moves between interfaces — and how secure your architecture really is. We’ve created a clear diagram explaining: ✔ What IP forwarding is ✔ When it’s required (L4 vs L7) ✔ The main security risks ✔ Best ..

ip forwarding security diagram relianoid

Activity

@shurup gave 🐾 to OpenClaw Lightweight Alternative Launches: A 10MB AI Assistant That Runs on $10 Hardware , 3 weeks, 3 days ago.

Activity

@shurup gave 🐾 to Spotlight on SIG Architecture: API Governance , 3 weeks, 3 days ago.

Story Trending

@laura_garcia shared a post, 3 weeks, 3 days ago

Software Developer, RELIANOID

🚀 𝗦𝗖𝗔𝗟𝗘 𝟮𝟯𝘅 – 𝗦𝗼𝘂𝘁𝗵𝗲𝗿𝗻 𝗖𝗮𝗹𝗶𝗳𝗼𝗿𝗻𝗶𝗮 𝗟𝗶𝗻𝘂𝘅 𝗘𝘅𝗽𝗼

📅 March 5–8, 2026 | 📍 Pasadena, California SCALE 23x – Southern California Linux Expo is back — North America’s largest community-run open source conference! Four days of: 🔹 Open source innovation 🔹 DevOps & cloud-native deep dives 🔹 Cybersecurity insights 🔹 Hands-on technical workshops 🔹 Real commu..

Story

@laura_garcia shared a post, 3 weeks, 4 days ago

Software Developer, RELIANOID

We’re heading to Big Data & AI World 2026

We’re heading to Big Data & AI World 2026 📍 4–5 March 2026 | London Part of Tech Show London 2026, this event brings together data and AI leaders focused on responsible, scalable AI and measurable business outcomes. At RELIANOID, we enable secure, high-performance infrastructures ready for AI-driven..

Link

@kala shared a link, 3 weeks, 6 days ago

FAUN.dev()

Realtime Prompting Guide

OpenAI shipsgpt-realtimeand declares GA for theRealtime API. It's a speech-to-speech model that tightens instruction-following, steadiestool calling, and lifts voice fidelity. Latency drops. True realtime agents become possible. The release prescribesprompt skeletons,JSON envelopetool outputs,sessio.. read more

Link

@kala shared a link, 3 weeks, 6 days ago

FAUN.dev()

Introducing helm

helm usesTypeScripttypes to registerskillsas typed functions with structured I/O. Permissions follow a clear precedence: exact→wildcard→skill→global. Agents get a keywordsearchtool and a code-execution tool that runs JS inside anSESsandbox. A recursiveproxyforwards calls overIPCto the parent, which .. read more

Sigstore is an open source initiative designed to make software artifact signing and verification simple, automatic, and widely accessible. Its primary goal is to improve software supply chain security by enabling developers and organizations to cryptographically prove the origin and integrity of the software they build and distribute.

At its core, sigstore removes many of the traditional barriers associated with code signing. Instead of managing long-lived private keys manually, sigstore supports keyless signing, where identities are issued dynamically using OpenID Connect (OIDC) providers such as GitHub Actions, Google, or Microsoft. This dramatically lowers operational complexity and reduces the risk of key compromise.

The sigstore ecosystem is composed of several key components:

- Cosign: A tool for signing, verifying, and storing signatures for container images and other artifacts. Signatures are stored alongside artifacts in OCI registries, rather than embedded in them.

- Fulcio: A certificate authority that issues short-lived X.509 certificates based on OIDC identities, enabling keyless signing.

- Rekor: A transparency log that records signing events in an append-only, tamper-evident ledger. This provides public auditability and detection of suspicious or malicious signing activity.

Together, these components allow anyone to verify who built an artifact, when it was built, and whether it has been tampered with, using publicly verifiable cryptographic proofs. This aligns closely with modern supply chain security practices such as SLSA (Supply-chain Levels for Software Artifacts).

sigstore is widely adopted in the cloud-native ecosystem and integrates with tools like Kubernetes, container registries, CI/CD pipelines, and package managers. It is commonly used to sign container images, Helm charts, binaries, and SBOMs, and is increasingly becoming a baseline security requirement for production software delivery.

The project is governed by the OpenSSF (Open Source Security Foundation) and supported by major industry players.