DevOps by Default Blog

accessibility acl ai architecture argocd authentication automation aws backstage bash batch centos7 ci-cd cli cloud cmd containers cost-optimization css dark-mode database deployment design developer-experience devops
disk docker documentation downgrade e2e ebpf filesystem finops frontend gem github-actions gitops go golang gotrs green-computing grpc helm iac iam infrastructure-as-code java jenkins kpartx kubernetes
linux logging mariadb mfa monitoring mount multi-tenancy mysql network networking ntfs observability open-source opentofu operations otrs performance platform-engineering playwright plugins postgresql prometheus quality repo ruby
scripting secrets security sigstore slsa sql supply-chain sustainability tailwind terraform terraform101 testing themes ticketing tutorial ux vault vulnerabilities wasm windows workflow year-review yum
accessibility acl ai architecture argocd authentication automation aws backstage bash batch centos7 ci-cd cli cloud cmd containers cost-optimization css dark-mode database deployment design developer-experience devops
disk docker documentation downgrade e2e ebpf filesystem finops frontend gem github-actions gitops go golang gotrs green-computing grpc helm iac iam infrastructure-as-code java jenkins kpartx kubernetes
linux logging mariadb mfa monitoring mount multi-tenancy mysql network networking ntfs observability open-source opentofu operations otrs performance platform-engineering playwright plugins postgresql prometheus quality repo ruby
scripting secrets security sigstore slsa sql supply-chain sustainability tailwind terraform terraform101 testing themes ticketing tutorial ux vault vulnerabilities wasm windows workflow year-review yum
accessibility acl ai architecture argocd authentication automation aws backstage bash batch centos7 ci-cd cli cloud cmd containers cost-optimization css dark-mode database deployment design developer-experience devops
disk docker documentation downgrade e2e ebpf filesystem finops frontend gem github-actions gitops go golang gotrs green-computing grpc helm iac iam infrastructure-as-code java jenkins kpartx kubernetes

Posts tagged "Supply-Chain"

Clear

2 articles

Supply Chain Security with SLSA and Sigstore

349 words · 2 min read

SolarWinds, Log4Shell, and countless smaller incidents proved that software supply chains are attack vectors. Compliance frameworks now require provenance verification. We implemented SLSA and Sigstore to meet requirements and build genuine trust. The Problem “Where did this binary come …

Read more

Log4Shell: Lessons for Vulnerability Response

349 words · 2 min read

December 2021 delivered Log4Shell, and the subsequent weeks were chaos. A month later, we’re reflecting on what worked, what didn’t, and what we’re changing permanently. The Problem The vulnerability itself was severe—remote code execution with trivial exploitation. But the real …

Read more

Copyright © 2026 Gibbsoft Ltd. Company No. 06514595 registered in England. VAT No. 178377753.