The Update Framework mentions (5)

• Sigstore

  I recently implemented a software updating system using [The Update Framework](https://theupdateframework.io/) directly, with [go-tuf](https://github.com/theupdateframework/go-tuf). It required a lot of design work around how we were going to do package management on top of using it for a secure updating system. This was due to TUF's designing around the... - Source: Hacker News / 5 months ago

• Securing CI/CD Images with Cosign and OPA

  The Update Framework (TUF): TUF is a framework, not a tool, designed to enhance the security of software update systems. It focuses on resilience against key compromises and attacks, employing verifiable records to verify the authenticity of update files. TUF's flexibility and integration ease make it a foundational element in securing software updates, though it's not a direct image signing tool like the others. - Source: dev.to / over 1 year ago

• US military to unleash thousands of autonomous war robots over next 2 years

  Here’s to hoping they employ some security to prevent the machines from being hacked and attacking our own infra ala TUF (https://theupdateframework.io/) or the tech from Foundries.io. - Source: Hacker News / almost 2 years ago

• An Overview of Kubernetes Security Projects at KubeCon Europe 2023

  Release signing—or attestation—was a hot topic at KubeCon among vendors, with many offering their own solutions. One in particular that stood out was CNCF’s recently graduated The Update Framework (TUF). - Source: dev.to / about 2 years ago

• Self Updating Binary

  One of the other solution for signature and handling their upgrade is https://theupdateframework.io/ . Haven't come around implementing it yet, but it sounds like a robust solution to this problem. Have you looked at it before? Source: over 2 years ago

SimpleumCheck mentions (0)