Trusty is a free-to-use web app that provides data and scoring on the supply chain risk for open source packages.
OpenSSF runs a number of "public good" instances, including Sigstore and OpenSSF scorecards. In this video, Stacklok Principal Engineer Evan Anderson pulls back the curtain on the what and how of public good instances, drawing on his experience getting involved and going on-call for these instances.
The OpenSSF's mission is to make software safer and more secure. Part of that is investigating and improving the tools developers have available to protect themselves from attackers, and the public good instances play a key role in making that happen.
Topics covered in this video:
How the public instances are hosted: A bit about the scale of public instances
Some security insights into public instances: Why you should trust and use the public instances (and when not to!)
Evan Anderson
Principal Software Engineer