A brief on sigstore - a new approach for signing, verifying and protecting software.
A gist of the NIST SP 800-218 publication on the Secure Software Development Framework.
A brief guide on detecting leaked secrets using the open-source TruffleHog.
A brief on container vulnerability scanning with the open-source Trivy.
Google’s white paper on shifting left in security offers high-signal insights that you can adopt today.