diff --git a/content/en/resources/news.md b/content/en/resources/news.md index abd0497..8a3a553 100644 --- a/content/en/resources/news.md +++ b/content/en/resources/news.md @@ -1,9 +1,14 @@ --- title: News -description: - The [press](resources/press) page contains a full listing of news coverage +description: TUF news coverage +aliases: [/news, /press] --- +## Highlights + +Here are our news highlights. For a complete list, see the [Press](#press) +section. + **June 16, 2021** The Sigstore community live-streamed a @@ -168,3 +173,89 @@ The Docker team announces Docker Content Trust, which integrates TUF via available starting with Docker 1.8, and supports image signing and verification. For more information on the Docker + TUF integration, consult [this blog post](https://blog.docker.com/2015/08/content-trust-docker-1-8). + +## Press + +- [Design2Part Magazine-April 2, 2020: Open Source Framework Helps Automakers Secure OTA Updates](https://www.d2pmagazine.com/2020/04/02/6099/) + +- [TechCrunch-March 11, 2020: AWS Launches Bottlerocket, a Linux-based OS for Container Hosting](https://techcrunch.com/2020/03/11/aws-launches-bottlerocket-a-linux-based-os-for-container-hosting/) + +- [New Jersey 101.5-March 9, 2020: People are Pretty Reluctant to Embrace Self Driving Cars, Survey Says](https://nj1015.com/people-are-pretty-reluctant-to-embrace-self-driving-cars-survey-says/) + +- [Python Foundation Blogspot-March 4, 2020: An Update PyPI Funded Work](https://pyfound.blogspot.com/2020/03/an-update-pypi-funded-work.html) + +- [S&P Global-January 9, 2020: Wireless Vehicle Updates Pose Big Cybersecurity Risk for Automakers, Consumers](https://www.spglobal.com/marketintelligence/en/news-insights/trending/Xp9n6TEIEmSe8ho9d0jX_Q2) + +- [MP3 Monster's Blog-January 4, 2020: Security Vulnerabilities in Solution Deployment](https://blog.mp3monster.org/2020/01/04/security-vulnerabilities-in-solution-deployment/) + +- [AV Network-December 27, 2019: Cloud Native Computing Foundation Announces TUF Graduation](https://www.avnetwork.com/news/cloud-native-computing-foundation-announces-tuf-graduation) + +- [HelpNet Security.com-December 23, 2019: The Update Framework Graduates from the Linux Foundation’s Cloud Native Computing Foundation](https://www.helpnetsecurity.com/2019/12/23/update-framework-linux-foundation/) + +- [Linux Weekly News-December 19, 2019: Cloud Native Computing Foundation Announces TUF Graduation](https://lwn.net/Articles/807777/) + +- [DevClass-December 19, 2019: The Update Framework Becomes the Ninth Project to Graduate CNCF](https://devclass.com/2019/12/19/the-update-framework-becomes-ninth-project-to-graduate-cncf/) + +- [DevOps-December 18, 2019: CNCF Graduates TUF Project to Secure Software Updates](https://devops.com/cncf-graduates-tuf-project-to-secure-software-updates/) + +- [Linux Weekly News-July 24, 2019: Protecting update systems from nation-state attackers](https://lwn.net/Articles/794391/) + +- [The Drive.com-July 23, 2019: Top OTA Expert Shows How State Actors Hack into your Car and What Happens Next](https://www.thedrive.com/tech/29120/top-ota-expert-shows-how-state-actors-hack-into-your-car-and-what-happens-next-people-will-die) + +- [Just Auto-May 30, 2019: HERE and Uptane Team on automotive/IoT security](https://www.just-auto.com/news/here-and-uptane-team-on-automotiveiot-security_id188912.aspx) + +- [Traffic Technology Today-May 29,2019: HERE Technologies Joins the Uptane Alliance](https://www.traffictechnologytoday.com/news/mapping/here-technologies-joins-the-uptane-alliance-for-highly-secure-software-updates.html) + +- [TMCnet.com-May 28, 2019: HERE Technologies Joins the Uptane Alliance](https://www.tmcnet.com/usubmit/2019/05/28/8963021.htm) + +- [Airbiquity.com-December 13, 2018: Airbiquity Bolsters OTAmatic™ Security And Data Analytic Features In Latest Over-The-Air (OTA) Software And Data Management Offering For Automotive](https://www.airbiquity.com/news/press-releases/airbiquity-bolsters-otamatictm-security-and-data-analytic-features-latest-over-air-ota-software-and-data-management-offering-aut) + +- [Auto Cybersecurity Connected Car News-August 19, 2018: Uptane Prevents Attacks](https://www.autoconnectedcar.com/2018/08/automotive-cybersecurity-open-source-ota-crypto-market/) + +- [eweek.com-July 13, 2018: How The Update Framework Improves Software Distribution Security](https://www.eweek.com/security/how-the-update-framework-improves-software-distribution-security) + +- [eSecurity Planet.com-June 13, 2018: Container and Kubernetes Security: It's Complicated](https://www.esecurityplanet.com/applications/container-and-kubernetes-security.html) + +- [Airbiquity.com-January 2018: Airbiquity OTAmatic Named 2017 New Product Of The Year By Business Intelligence Group](https://www.airbiquity.com/news/press-releases/airbiquity-otamatic-named-2017-new-product-year-business-intelligence-group) + +- [TechCrunch-October 2017: The Cloud Native Computing Foundation Adds Two Security Projects to its Open Source Stable](https://beta.techcrunch.com/2017/10/24/the-cloud-native-computing-foundation-adds-two-security-projects-to-its-open-source-stable/) + +- [Container Journal-October 2017: CNCF Adds 2 Projects to Better Secure Containers](https://containerjournal.com/2017/10/24/cncf-adds-projects-better-secure-containers/) + +- [Enterprise Cloud News-October 2017: Cloud Native Computing Foundation Adopts 2 Security Projects](http://www.enterprisecloudnews.com/author.asp?section_id=571&doc_id=737560) + +- [The New Stack-October 2017: CNCF Brings Security to the Cloud Native Stack with Notary, TUF Adoption](https://thenewstack.io/cncf-brings-security-cloud-native-stack-notary-tuf-adoption/) + +- [Popular Science-October 2017: The Year's Most Important Innovations in Security](https://www.popsci.com/top-security-innovations-2017) + +- [eWeek-April 2017: How The Update Framework Improves Security of Software Updates](https://www.eweek.com/security/how-the-update-framework-improves-security-of-software-updates) + +- [Python Podcast.init-March 2017: Securing your Software Updates with Justin Cappos-Episode 99, March 2017](https://www.podcastinit.com/episode-99-the-update-framework-with-justin-cappos/) + +- [Forbes-January 2017: Uptane Will Protect your Connected Car from Hackers](https://www.forbes.com/sites/.../uptane-will-protect-your-connected-car-from-hackers) + +- [Christian Science Monitor-January 2017: Are Software Uodates Key to Stopping Criminal Car Hacks?](https://www.csmonitor.com/World/Passcode/2017/0118/Are-software-updates-key-to-stopping-criminal-car-hacks) + +- [YouTube-October 2016: Justin Cappos presents TUF and ongoing work in securing software updates in automobiles and the software supply chain at Docker's Distributed Systems Summit 2016 ](https://www.youtube.com/watch?v=Aryr0O6H_2U&list=PLkA60AVN3hh8oPas3cq2VA9xB7WazcIgs&index=9) + +- [Duo Tech Talk-July 2016: Secure Software Distribution in an Adversarial World](https://www.youtube.com/watch?v=OW8NPkSq-3k) + +- [The New Stack-August 2015: Docker: With Content Trust, You Can Run Containers on Untrusted Networks](https://thenewstack.io/docker-content-trust-can-run-containers-untrusted-networks/) + +- [Notary demoed at the DockerCon 2015 keynote](https://www.ustream.tv/recorded/64499822#t=1h54m0s) + +- [LWN.net-January 2015: Docker image "verification"](https://lwn.net/Articles/628343/) + +- [PyCon 2015-Poster Presentation](https://us.pycon.org/2015/schedule/presentation/438/) + +- [LWN.net-January 2015: Protecting Python package downloads](https://lwn.net/Articles/629426/) + +- [Hacker News-December 2014: Incremental Plans to Improve Python Packaging](https://news.ycombinator.com/item?id=8780369) + +- [Titanous.com blog-December 2014: Docker Image Insecurity](https://titanous.com/posts/docker-insecurity) + +- [The Linux Magazine-March 2014: TUF Love](https://www.linux-magazine.com/Issues/2014/160/Security-Lessons-TUF) + +- [Promotional materials on TUF (The Update Framework) w/ Justin Cappos and Trishank Kuppusamy](https://vimeo.com/88774074) + +- [Slashdot: Package Managers As Achilles Heel](https://it.slashdot.org/story/08/07/10/227220/package-managers-as-achilles-heel) diff --git a/content/en/resources/press.md b/content/en/resources/press.md deleted file mode 100644 index 97a4a5f..0000000 --- a/content/en/resources/press.md +++ /dev/null @@ -1,88 +0,0 @@ ---- -title: Press -description: TUF Press coverage ---- - -- [Design2Part Magazine-April 2, 2020: Open Source Framework Helps Automakers Secure OTA Updates](https://www.d2pmagazine.com/2020/04/02/6099/) - -- [TechCrunch-March 11, 2020: AWS Launches Bottlerocket, a Linux-based OS for Container Hosting](https://techcrunch.com/2020/03/11/aws-launches-bottlerocket-a-linux-based-os-for-container-hosting/) - -- [New Jersey 101.5-March 9, 2020: People are Pretty Reluctant to Embrace Self Driving Cars, Survey Says](https://nj1015.com/people-are-pretty-reluctant-to-embrace-self-driving-cars-survey-says/) - -- [Python Foundation Blogspot-March 4, 2020: An Update PyPI Funded Work](https://pyfound.blogspot.com/2020/03/an-update-pypi-funded-work.html) - -- [S&P Global-January 9, 2020: Wireless Vehicle Updates Pose Big Cybersecurity Risk for Automakers, Consumers](https://www.spglobal.com/marketintelligence/en/news-insights/trending/Xp9n6TEIEmSe8ho9d0jX_Q2) - -- [MP3 Monster's Blog-January 4, 2020: Security Vulnerabilities in Solution Deployment](https://blog.mp3monster.org/2020/01/04/security-vulnerabilities-in-solution-deployment/) - -- [AV Network-December 27, 2019: Cloud Native Computing Foundation Announces TUF Graduation](https://www.avnetwork.com/news/cloud-native-computing-foundation-announces-tuf-graduation) - -- [HelpNet Security.com-December 23, 2019: The Update Framework Graduates from the Linux Foundation’s Cloud Native Computing Foundation](https://www.helpnetsecurity.com/2019/12/23/update-framework-linux-foundation/) - -- [Linux Weekly News-December 19, 2019: Cloud Native Computing Foundation Announces TUF Graduation](https://lwn.net/Articles/807777/) - -- [DevClass-December 19, 2019: The Update Framework Becomes the Ninth Project to Graduate CNCF](https://devclass.com/2019/12/19/the-update-framework-becomes-ninth-project-to-graduate-cncf/) - -- [DevOps-December 18, 2019: CNCF Graduates TUF Project to Secure Software Updates](https://devops.com/cncf-graduates-tuf-project-to-secure-software-updates/) - -- [Linux Weekly News-July 24, 2019: Protecting update systems from nation-state attackers](https://lwn.net/Articles/794391/) - -- [The Drive.com-July 23, 2019: Top OTA Expert Shows How State Actors Hack into your Car and What Happens Next](https://www.thedrive.com/tech/29120/top-ota-expert-shows-how-state-actors-hack-into-your-car-and-what-happens-next-people-will-die) - -- [Just Auto-May 30, 2019: HERE and Uptane Team on automotive/IoT security](https://www.just-auto.com/news/here-and-uptane-team-on-automotiveiot-security_id188912.aspx) - -- [Traffic Technology Today-May 29,2019: HERE Technologies Joins the Uptane Alliance](https://www.traffictechnologytoday.com/news/mapping/here-technologies-joins-the-uptane-alliance-for-highly-secure-software-updates.html) - -- [TMCnet.com-May 28, 2019: HERE Technologies Joins the Uptane Alliance](https://www.tmcnet.com/usubmit/2019/05/28/8963021.htm) - -- [Airbiquity.com-December 13, 2018: Airbiquity Bolsters OTAmatic™ Security And Data Analytic Features In Latest Over-The-Air (OTA) Software And Data Management Offering For Automotive](https://www.airbiquity.com/news/press-releases/airbiquity-bolsters-otamatictm-security-and-data-analytic-features-latest-over-air-ota-software-and-data-management-offering-aut) - -- [Auto Cybersecurity Connected Car News-August 19, 2018: Uptane Prevents Attacks](https://www.autoconnectedcar.com/2018/08/automotive-cybersecurity-open-source-ota-crypto-market/) - -- [eweek.com-July 13, 2018: How The Update Framework Improves Software Distribution Security](https://www.eweek.com/security/how-the-update-framework-improves-software-distribution-security) - -- [eSecurity Planet.com-June 13, 2018: Container and Kubernetes Security: It's Complicated](https://www.esecurityplanet.com/applications/container-and-kubernetes-security.html) - -- [Airbiquity.com-January 2018: Airbiquity OTAmatic Named 2017 New Product Of The Year By Business Intelligence Group](https://www.airbiquity.com/news/press-releases/airbiquity-otamatic-named-2017-new-product-year-business-intelligence-group) - -- [TechCrunch-October 2017: The Cloud Native Computing Foundation Adds Two Security Projects to its Open Source Stable](https://beta.techcrunch.com/2017/10/24/the-cloud-native-computing-foundation-adds-two-security-projects-to-its-open-source-stable/) - -- [Container Journal-October 2017: CNCF Adds 2 Projects to Better Secure Containers](https://containerjournal.com/2017/10/24/cncf-adds-projects-better-secure-containers/) - -- [Enterprise Cloud News-October 2017: Cloud Native Computing Foundation Adopts 2 Security Projects](http://www.enterprisecloudnews.com/author.asp?section_id=571&doc_id=737560) - -- [The New Stack-October 2017: CNCF Brings Security to the Cloud Native Stack with Notary, TUF Adoption](https://thenewstack.io/cncf-brings-security-cloud-native-stack-notary-tuf-adoption/) - -- [Popular Science-October 2017: The Year's Most Important Innovations in Security](https://www.popsci.com/top-security-innovations-2017) - -- [eWeek-April 2017: How The Update Framework Improves Security of Software Updates](https://www.eweek.com/security/how-the-update-framework-improves-security-of-software-updates) - -- [Python Podcast.init-March 2017: Securing your Software Updates with Justin Cappos-Episode 99, March 2017](https://www.podcastinit.com/episode-99-the-update-framework-with-justin-cappos/) - -- [Forbes-January 2017: Uptane Will Protect your Connected Car from Hackers](https://www.forbes.com/sites/.../uptane-will-protect-your-connected-car-from-hackers) - -- [Christian Science Monitor-January 2017: Are Software Uodates Key to Stopping Criminal Car Hacks?](https://www.csmonitor.com/World/Passcode/2017/0118/Are-software-updates-key-to-stopping-criminal-car-hacks) - -- [YouTube-October 2016: Justin Cappos presents TUF and ongoing work in securing software updates in automobiles and the software supply chain at Docker's Distributed Systems Summit 2016 ](https://www.youtube.com/watch?v=Aryr0O6H_2U&list=PLkA60AVN3hh8oPas3cq2VA9xB7WazcIgs&index=9) - -- [Duo Tech Talk-July 2016: Secure Software Distribution in an Adversarial World](https://www.youtube.com/watch?v=OW8NPkSq-3k) - -- [The New Stack-August 2015: Docker: With Content Trust, You Can Run Containers on Untrusted Networks](https://thenewstack.io/docker-content-trust-can-run-containers-untrusted-networks/) - -- [Notary demoed at the DockerCon 2015 keynote](https://www.ustream.tv/recorded/64499822#t=1h54m0s) - -- [LWN.net-January 2015: Docker image "verification"](https://lwn.net/Articles/628343/) - -- [PyCon 2015-Poster Presentation](https://us.pycon.org/2015/schedule/presentation/438/) - -- [LWN.net-January 2015: Protecting Python package downloads](https://lwn.net/Articles/629426/) - -- [Hacker News-December 2014: Incremental Plans to Improve Python Packaging](https://news.ycombinator.com/item?id=8780369) - -- [Titanous.com blog-December 2014: Docker Image Insecurity](https://titanous.com/posts/docker-insecurity) - -- [The Linux Magazine-March 2014: TUF Love](https://www.linux-magazine.com/Issues/2014/160/Security-Lessons-TUF) - -- [Promotional materials on TUF (The Update Framework) w/ Justin Cappos and Trishank Kuppusamy](https://vimeo.com/88774074) - -- [Slashdot: Package Managers As Achilles Heel](https://it.slashdot.org/story/08/07/10/227220/package-managers-as-achilles-heel) diff --git a/content/en/resources/publications.md b/content/en/resources/publications.md index b396cbb..7ce6aea 100644 --- a/content/en/resources/publications.md +++ b/content/en/resources/publications.md @@ -1,6 +1,5 @@ --- title: Publications -description: --- The following papers provide detailed information on securing software updater