Video

A beginner's view of public good instances

OpenSSF runs a number of "public good" instances, including Sigstore and OpenSSF scorecards. In this video, Stacklok Principal Engineer Evan Anderson pulls back the curtain on the what and how of public good instances, drawing on his experience getting involved and going on-call for these instances.

1 mins read
/
Oct 18, 2023

OpenSSF runs a number of "public good" instances, including Sigstore and OpenSSF scorecards. In this video, Stacklok Principal Engineer Evan Anderson pulls back the curtain on the what and how of public good instances, drawing on his experience getting involved and going on-call for these instances. The OpenSSF's mission is to make software safer and more secure. Part of that is investigating and improving the tools developers have available to protect themselves from attackers, and the public good instances play a key role in making that happen.

Topics covered in this video:

  • How the public instances are hosted: A bit about the scale of public instances

  • Some security insights into public instances: Why you should trust and use the public instances (and when not to!)

Link to How to: Secure your GitHub Actions across multiple repos, with automated actions pinning

How to: Secure your GitHub Actions across multiple repos, with automated actions pinning

Jan 3, 2024
Watch Now
Link to Minder demo: Learn how to apply security checks and policies across your GitHub repos

Minder demo: Learn how to apply security checks and policies across your GitHub repos

Dec 15, 2023
Watch Now
Link to Trusty product demo
Trusty product image

Trusty product demo

Nov 6, 2023
Watch Now