About the Author

Luke Hinds

CTO

Luke Hinds is the CTO of Stacklok. He is the creator of the open source project sigstore, which makes it easier for developers to sign and verify software artifacts. Prior to Stacklok, Luke was a distinguished engineer at Red Hat.

More posts by this author (11)

Stacklok has contributed Minder to the OpenSSF out of a deep belief in the power of the open source community

Luke Hinds /

Oct 28, 2024

Community

Minder

Cross-platform RAT deployed by weaponized 'requests' clone

Luke Hinds / Poppaea McDermott /

Aug 30, 2024

Threat Analysis

Introducing the Frizbee GitHub Action: Automatically pin actions and container images to digests

Radoslav Dimitrov / Luke Hinds /

Jun 20, 2024

CI/CD security

Python typosquatting attack targets popular open source PyPI library with 30M weekly downloads

Luis Juncal / Luke Hinds /

Jun 6, 2024

Threat Analysis

Announcing the Proof-of-Diligence (PoD) algorithm: A method of modeling trust and maintainability in open source ecosystems

Luke Hinds / Pankaj Telang /

Apr 17, 2024

Trusty

An analysis of an obfuscated JavaScript malware package

Luke Hinds / Edward Thomson /

Mar 27, 2024

Threat Analysis

CVEs: The emperor's old clothes

Luke Hinds /

Feb 21, 2024

Open Source Security

What is software provenance, or proof of origin?

Luke Hinds /

Jan 5, 2024

Supply Chain Security 101

Exploring Llama 2 on a Apple Mac M1/M2

Luke Hinds / Prachi Jadhav /

Jul 19, 2023

Privacy Policy Terms of Service

Main Menu

Home About Careers Contact

Products

Trusty Minder

Resources

All Resources Blog Videos Trusty Docs Minder Docs

Contact Us

hello@stacklok.com

Solutions

Company

Community

Resources

For Developers

Vet the supply chain risk of open source packages

For Open Source Communities

Secure your software supply chain

For Developers

Vet the supply chain risk of open source packages

For Open Source Communities

Secure your software supply chain

About the Author

Luke Hinds

More posts by this author (11)

Stacklok has contributed Minder to the OpenSSF out of a deep belief in the power of the open source community

Cross-platform RAT deployed by weaponized 'requests' clone

Introducing the Frizbee GitHub Action: Automatically pin actions and container images to digests

Python typosquatting attack targets popular open source PyPI library with 30M weekly downloads

Announcing the Proof-of-Diligence (PoD) algorithm: A method of modeling trust and maintainability in open source ecosystems

An analysis of an obfuscated JavaScript malware package

CVEs: The emperor's old clothes

What is software provenance, or proof of origin?

Exploring Llama 2 on a Apple Mac M1/M2

Newsletter

Stay in the loop

Main Menu

Products

Resources

Contact Us