Read Time:2 Minute, 2 Second
Chainguard, a cybersecurity firm, has developed a straightforward and open-source solution for businesses to protect the cloud against some of the most dangerous assaults.
Organisations worldwide have been scrambling to handle software supply chain security in the wake of serious events like Russia’s massive 2017 NotPetya malware assault and the Kremlin’s 2020 SolarWinds cyberespionage campaign—both of which were accomplished by poisoning software distribution wells.
In general, and especially for open-source software, users may find better protection in knowing what software they’re actually running, emphasising enumerating all of the little components that make up the whole and validating that they are correct.
This way, when you pack a box of software heirlooms and store it on a shelf, you can be confident that there isn’t a live microphone or Tupperware full of deviled eggs that will sit in the box for years.
Creating a manifest of what’s inside every box in every basement and garage is time-consuming. Still, a new tool from security firm Chainguard aims to do it for the software “containers” that underlie most digital services today.
On Thursday, Chainguard debuted a Linux distribution called Wolfi that is built specifically for how modern digital systems are constructed in the cloud. Most people don’t use Linux, the well-known open-source operating system, on a personal computer. (If they do, it’s not always because they’re aware of it, as is the case with Android, which is based on a customised version of Linux.)
The open-source operating system is prevalent in servers and cloud infrastructure worldwide, partly because it may be set up in so many different ways. Unlike Microsoft and Apple’s operating systems, which offer you only one option at a time, the open nature of Linux allows developers to build all sorts of flavours—known as “distributions” —to fit specific tastes and requirements.
The Chainguard developers, who have extensive experience with open-source software and other Linux distributions, felt a critical flavour was missing. “What we’ve done is built a distribution that we feel will work well for enterprises looking to address supply chain security seriously,” says Chainguard principal engineer Ariadne Conill.
Consider software containers like a shipping container house you’ve built yourself. Everything you’ll need to live is within, but you can relocate the container dwelling as required. Wolfi is checking and pre-specifying everything in your container home’s security to guarantee that everything inside is safe.
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
