October 14, 2019
October 2, 2019
Adrian Colyer wrote an article about in-toto in “the morning paper”.
July 9, 2019
in-toto was featured in the blog post “33(+) Kubernetes Security Tools”.
June 8, 2019
June 3, 2019
Datadog has deployed TUF and in-toto into their pipeline! Read more here.
June 1, 2019
Our paper “in-toto: providing farm-to-table security properties for bits and bytes” was accepted into USENIX ‘19. More information here.
February 13, 2019
We’ve worked alongside with Control Plane to make a test deployment of Kubesec using in-toto.
January 7, 2019
We released the first version of the official in-toto Jenkins plugin. This provenance Agent will help you track and sign link metadata for any step within your pipeline in a secure and distributed way.
October 19, 2018
Colin Domoney gave a talk on this year’s DevSecCon London. He covered some of the fundamentals of in-toto to protect your cloud native deployment, as well as some other good supply-chain security practices.
May 29, 2018
May 17, 2018
A LWN article has been published, covering various supply chain security issues and their solutions, including grafeas, the update framework, and in-toto.
May 2, 2018
We presented in-toto along with Grafeas at Kubecon 2018.
April 12, 2018
Grafeas mentioned in-toto integration plans on the Google Cloud platform blog.
March 3, 2018
Our le-git-imate paper on improving the security of web-based Git repositories has been accepted at ASIACCS 2018!
February 20, 2019
October 17, 2017
August 10, 2017
January 17, 2017
October 14, 2016
October 7, 2016
We are live! please check back soon for more updates.