nscur0.bsky.social
@nscur0.bsky.social
AppSec enthusiast, plant muncher 🌱. @dependencytrack.bsky.social co-lead, maintainer of @cyclonedx.bsky.social Go tooling.
Reposted
Java 25 / JDK 25: General Availability
mail.openjdk.org
September 16, 2025 at 1:26 PM
omfg
September 13, 2025 at 10:53 AM
Reposted
The Register wrote a story about a single maintainer open source project, I think it's shameful and upsetting

So I wrote a blog post about it

An absolutely ridiculous amount of open source is one person projects. I have the data to prove it

opensourcesecurity.io/2025/08-oss-...
Open Source is one person
The Register recently published a story titled Putin on the code: DoD reportedly relies on utility written by Russian dev. They should be ashamed of this story, and the company behind the ambulance ch...
opensourcesecurity.io
August 28, 2025 at 1:41 AM
Reposted
July 30, 2025 at 5:58 PM
Reposted
Absolute brilliance.
Motherfucking wind farms…
July 30, 2025 at 6:04 PM
Reposted
I just wanted to say, I’m probably more proud of this Ted talk than just about anything I’ve ever done so I’m gonna be absolutely useless for the next couple of weeks as I promote the shit out of this because I want you to watch it because it matters in the moment we are in youtu.be/dVG8W-0p6vg
Tech Promised Everything. Did it deliver? | Scott Hanselman | TEDxPortland
YouTube video by TEDx Talks
youtu.be
July 17, 2025 at 8:37 PM
Reposted
My friends. This is not a good idea: www.wired.com/story/silico... - take it from every single wisdom tradition in the history of the world. You can love your work, but your work cannot love you back. Have more respect for yourself and your peers. Work hard. Do good work.
Silicon Valley AI Startups Are Embracing China’s Controversial ‘996’ Work Schedule
In an industry once known for cushy perks, some founders are now asking staff to commit to a 72-hour weekly schedule. You’re either in or you’re out.
www.wired.com
July 23, 2025 at 4:18 PM
Reposted
May 8, 2025 at 6:03 AM
Reposted
BREAKING.

From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.
April 15, 2025 at 5:23 PM
So freaking tired of debugging ORM quirks. Excuse me while I scream into a pillow or something.
ALT: a man is holding a white pillow in his mouth
media.tenor.com
April 10, 2025 at 10:20 PM
Happy stock portfolio downhill race day to all who celebrate!
ALT: a cartoon of homer simpson talking to a man standing next to a pile of money on fire.
media.tenor.com
April 7, 2025 at 10:22 AM
Reposted
On the bright side, at least Brexit is no longer the stupidest and most pointless act of economic self-harm of the century
April 5, 2025 at 8:50 PM
Reposted
Everyone have the weekend you voted for! Globally, honestly.
April 5, 2025 at 5:22 AM
Reposted
my new theory is that once you have a certain amount of money and wealth you start to go crazy and detach from reality. that number is different for everyone. for me it's $20
April 2, 2025 at 4:38 PM
Reposted
Join our community meeting next Wednesday, 2nd April at 4-5PM UTC for a presentation from our friends at #Monzo Bank!

Learn how Monzo replaced a proprietary vulnerability scanner with @cyclonedx.bsky.social #SBOMs & Dependency-Track.

Calendar Invite: dub.sh/dtcalendar
Zoom Link: dub.sh/dtzoom
March 27, 2025 at 7:28 PM
Reposted
Okay, this is my newest very very favorite meme.
March 21, 2025 at 5:20 PM
Reposted
Let this sink in.
March 5, 2025 at 1:11 AM
Reposted
We are living in dangerous times.

Europe's security is threatened in a very real way.

Today I present ReArm Europe.

A plan for a safer and more resilient Europe ↓

europa.eu/!MFPVMC
March 4, 2025 at 8:52 AM
Reposted

You might know us from the guides we have put together, like the de-risking guide and the UX guide. Governments all around the world have used them to make services more accessible and add more value to the public — all while saving millions of dollars. You can still find them here: 18f.org/guides/
18F Guides
A central resource for all 18F guides and methods
18f.org
March 3, 2025 at 6:19 PM
Reposted
I wrote a longer piece for @taz.de putting the Union's minor interpellation (Kleine Anfrage) into context.

(And I'm grateful that the editors didn't edit out "cocaine-fueled" and "wimpy", quite the opposite)

taz.de/CDU-delegiti...
February 26, 2025 at 8:54 AM
Reposted
PSA:
If you are responsible for performance of Postgres DBs, check out POWA.

It analyzes your workload, visualizes, provides insights and even suggests indexes that optimize the workload as a whole.

Docs: powa.readthedocs.io/en/latest/
Demo (just click login): demo-powa.anayrat.info/server/
February 25, 2025 at 3:22 AM