Skip to content
View bureado's full-sized avatar
126 followers · 56 following

Achievements

Achievement: Starstruckx2Achievement: Pair ExtraordinaireAchievement: QuickdrawAchievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Achievements

Achievement: Starstruckx2Achievement: Pair ExtraordinaireAchievement: QuickdrawAchievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Highlights

Organizations

@Azure

Block or report bureado

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Pinned Loading

  1. awesome-software-supply-chain-security awesome-software-supply-chain-security Public

    A compilation of resources in the software supply chain security domain, with emphasis on open source

    338 36

  2. Post-modern Linux packaging: additio... Post-modern Linux packaging: additional reading
    1 
    # Post-modern Linux packaging: additional reading
    2 
    
              
    
              
    
                3
                
    ## Summary
    
              
    
              
    
                4
                
    
              
    
              
    
                5
                
    This document compiles 2018 coverage around post-modern packaging technologies for Linux, including packaging formats like Snaps and Flatpaks, systems like Nix and Guix and full distros such as Atomic or Clear Linux.
    
              
    
          
    
    
    
  
    

    3. 

      

  3. 
  
    
    
    
      
    
        
        confidential-computing-reading-list.md  confidential-computing-reading-list.md      
    

          
    
              
    
                1
                
    * High level introductions:
    
              
    
              
    
                2
                
      * [The three levels of confidential computing | Edgeless Systems](https://www.edgeless.systems/blog/the-three-levels-of-confidential-computing)
    
              
    
              
    
                3
                
        * Edgeless' entire [wiki](https://www.edgeless.systems/wiki/) (as well as the docs for several of their OSS products) are highly recommended for additional reading; you might want to start with [Use cases](https://www.edgeless.systems/wiki/use-cases/)
    
              
    
              
    
                4
                
      * [Why Should I Trust Your Code? | annotated by JMP (readwise.io)](https://readwise.io/reader/shared/01j366bxtsa4p3bdprcna29x3y/)
    
              
    
              
    
                5
                
      * [Common-Terminology-for-Confidential-Computing | annotated by JMP (readwise.io)](https://readwise.io/reader/shared/01hvwqjzq2bwjyvy8hvqnfx7at/)
    
              
    
          
    
    
    
  
    

    4. 

      

  4. 
  
    
    
    
      
    
        
        agent-rsp-references.md  agent-rsp-references.md      
    

          
    
              
    
                1
                
    This is a collection of resources supporting the idea that provable runtime security guarantees for agents can be intrinsically bound to agent identity, perhaps as part of a broader representation of "intent", or in a tiered trust model. TEEs, hypervisor-enforced isolation, hardware roots of trust and several Linux security primitives are instrumental to get there. We curate some of the most promising references to date including applied technologies in agent frameworks, research and risk/mitigation-focused literature on this topic.
    
              
    
              
    
                2
                
    
              
    
              
    
                3
                
    # Agent runtime security
    
              
    
              
    
                4
                
    
              
    
              
    
                5
                
    Risk/mitigation literature that discusses the importance of agent runtime security includes:
    
              
    
          
    
    
    
  
    

    5.