Open mullgundmath opened 3 years ago
Thanks, @mullgundmath! We should certainly add another page to the website documenting all this. What do others think? @jhdalek55 @lukpueh
There already is a "press page" on the web site where these could be posted along with write-ups done in more conventional media.
Lois
On Wed, Sep 2, 2020 at 12:08 PM Trishank Karthik Kuppusamy < notifications@github.com> wrote:
Thanks, @mullgundmath https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_mullgundmath&d=DwMCaQ&c=slrrB7dE8n7gBJbeO0g-IQ&r=hgBKIqNYIOwzXeBjPUaKRw&m=CfWmaOq7llxnzdCtd8gylw_wCTaNZHdzhiuqOnWytsA&s=0vMO_WGx1XozLaLSEcEgM5IBE89WRDMJQGWsNweEC-I&e=! We should certainly add another page to the website documenting all this. What do others think? @jhdalek55 https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_jhdalek55&d=DwMCaQ&c=slrrB7dE8n7gBJbeO0g-IQ&r=hgBKIqNYIOwzXeBjPUaKRw&m=CfWmaOq7llxnzdCtd8gylw_wCTaNZHdzhiuqOnWytsA&s=h2T_d6wSZ8cx1Rxr0AQ1peit3Cr-3nyL4qlsEgtsgy8&e= @lukpueh https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_lukpueh&d=DwMCaQ&c=slrrB7dE8n7gBJbeO0g-IQ&r=hgBKIqNYIOwzXeBjPUaKRw&m=CfWmaOq7llxnzdCtd8gylw_wCTaNZHdzhiuqOnWytsA&s=3rjPGZmsB2btyU0Vx7KWpglhOV1CS8juwyKrcKg4vZ4&e=
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_theupdateframework_theupdateframework.io_issues_13-23issuecomment-2D685837784&d=DwMCaQ&c=slrrB7dE8n7gBJbeO0g-IQ&r=hgBKIqNYIOwzXeBjPUaKRw&m=CfWmaOq7llxnzdCtd8gylw_wCTaNZHdzhiuqOnWytsA&s=3AL54wW-R2u_WsJ_zRJR1RKwa7HpdMQJbIPO7SVe-yc&e=, or unsubscribe https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_notifications_unsubscribe-2Dauth_ADPGUX3T5MMWL6MD3L7PKZ3SDZUYLANCNFSM4QS42W5A&d=DwMCaQ&c=slrrB7dE8n7gBJbeO0g-IQ&r=hgBKIqNYIOwzXeBjPUaKRw&m=CfWmaOq7llxnzdCtd8gylw_wCTaNZHdzhiuqOnWytsA&s=v1T_KV7BwvGLyLrLPyVeHksuyZFqwXLZa8BxLc-n1dc&e= .
Hii @trishankatdatadog @jhdalek55 @jku,What is the conclusion of this? In my opinion, blog posts should be highlighted on our website and should have a separate section. These posts actually highlight how adopters, users, and the community benefits from TUF.
@h4l0gen I think adding blogs is a fine idea. However, I am no longer an active contributor to this site.
If someone sends a PR, happy to review and merge.
Thanks @trishankatdatadog, I will create PR for this.
Blog posts about TUF need to be added to the homepage. Went through the first five pages of a Google search and found quite a few blog posts; some of them are really good. Title and links to the blog posts below (mine included):
Securing RubyGems with TUF, Part 1 https://developer.squareup.com/blog/securing-rubygems-with-tuf-part-1/
Securing RubyGems with TUF, Part 2 https://developer.squareup.com/blog/securing-rubygems-with-tuf-part-2/
Securing RubyGems with TUF, Part 3 https://developer.squareup.com/blog/securing-rubygems-with-tuf-part-3/
How TUF can secure software systems from update vulnerabilities https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/How-TUF-can-secure-software-systems-from-update-vulnerabilities
How we securely autoupdate Osquery at Kolide https://blog.kolide.com/how-we-securely-autoupdate-osquery-at-kolide-b0eda6ad05f6
CNCF Graduates TUF Project to Secure Software Updates https://devops.com/cncf-graduates-tuf-project-to-secure-software-updates/
Exploring Docker Security – Part 3: Docker Content Trust https://blog.mi.hdm-stuttgart.de/index.php/2016/09/13/exploring-docker-security-part-3-docker-content-trust/
Fuchsia Friday: Amber keeps Fuchsia up to date and secure https://9to5google.com/2018/03/09/fuchsia-friday-amber-keeps-fuchsia-up-to-date-and-secure/
Secure Software Updates via TUF — Part 1 https://medium.com/@mulgundmath/secure-software-updates-via-tuf-part-1-f9bbb34bcbbc
Secure Software Updates via TUF — Part 2 https://medium.com/@mulgundmath/secure-software-updates-via-tuf-part-2-412c6a2b10ab