Brandon Lum's Avatar

Brandon Lum

@lumjjb.bsky.social

🔑CNCF Security TAG Co-Chair Emiritus 💻Google Engineer 🎸Musician/Guitarist All things Containers + Security... Opinions are my own...

196 Followers  |  2 Following  |  11 Posts  |  Joined: 07.06.2023  |  1.5366

Latest posts by lumjjb.bsky.social on Bluesky

Community Graph for Understanding Artifact Composition (GUAC) aggregates software security metadata into a high fidelity graph database—normalizing entity identities and mapping standard relationships between...

We’re looking forward to engaging with the community more and building up the project! Come join us at https://guac.sh/community/ and give us a star on Github if you feel generous! n/n

13.07.2023 13:09 — 👍 0    🔁 0    💬 0    📌 0
Preview
Kusari - armor for your software supply chain Securing your Supply Chain

Last but definitely not the least, https://kusari.dev, co-founders of GUAC, has been contributing a ton in terms  to GUAC v0.1, visualizer and the @arangodb backend. More often than not, they don’t get “big tech” publicity, but they are great folk and are to watch! 9/n

13.07.2023 13:09 — 👍 0    🔁 0    💬 1    📌 0
Preview
Contributors to guacsec/guac GUAC aggregates software security metadata into a high fidelity graph database. - Contributors to guacsec/guac

Big shoutout to many other community members that have also contributed to GUAC! https://github.com/guacsec/guac/graphs/contributors. 36 code contributors and growing! Yes - not forgetting you, @dependabot 8/n

13.07.2023 13:08 — 👍 0    🔁 0    💬 1    📌 0
Preview
Blog: Introducing Guac integration Chainloop - Open Source Software Supply Chain attestation that both Devs and SecOps love

@migmartri  from chainloop.dev contributed a CLI additions to exercise our GCS collector, and used it for some cool integration with their tool that they talk more about at 
https://chainloop.dev/blog/introducing-guac-integration 7/n

13.07.2023 13:08 — 👍 0    🔁 0    💬 1    📌 0

https://github.com/stevemenezes from @Yahoo has been setting up GUAC on @awscloud Neptune, alongside other contributions! This leverages the partial work from the @neo4j backend since it supports the Cypher query language 6/n

13.07.2023 13:08 — 👍 0    🔁 0    💬 1    📌 0
Post image

Since we have a photo, here’s @nffrenchie, another co-founder of @ensigniasec with the GUAC at OSS Summit :)  5/n

13.07.2023 13:07 — 👍 0    🔁 0    💬 1    📌 0

@ivanvanderbyl from @ensigniasec has been working on a whole new RDMS backend for the graphQL interface through ent to support postgres/mysql/sqlite as the persistence layer! https://github.com/guacsec/guac/pull/910  4/n

13.07.2023 13:07 — 👍 0    🔁 0    💬 1    📌 0
GUAC Community Meeting 2023-05-18
GUAC Community Meeting 2023-05-18

The same folks also are working on a policy engine seedwing (https://docs.seedwing.io/seedwing/index.html), which they showcased at the GUAC community meeting a couple months back (https://www.youtube.com/watch?v=JciGSBGgzfU&t=1297s) 3/n

13.07.2023 13:07 — 👍 0    🔁 0    💬 1    📌 0
Preview
GitHub - dejanb/guac-rs Contribute to dejanb/guac-rs development by creating an account on GitHub.

For all the fans of rust, @dejanb, @ctron, @bobmcwhirter  @lulf   from @RedHat has created an awesome rust library (https://github.com/dejanb/guac-rs)  as well as a rust GUAC S3 collector (https://github.com/trustification/trustification/tree/main/exporter) 2/n

13.07.2023 13:06 — 👍 0    🔁 1    💬 1    📌 0

x-post: Working on GUAC (https://github.com/guacsec/guac/) reminds me why I enjoy working on Open Source! We’ve gotten some great community contributions since our v0.1 launch. Here are some cool contributions from the community, if you like them do give us a star - we’re close to 1k!! 1/n

13.07.2023 13:05 — 👍 1    🔁 2    💬 1    📌 0

Hello world!

07.06.2023 20:09 — 👍 5    🔁 0    💬 0    📌 0

@lumjjb is following 2 prominent accounts