Kairo de Araujo
Kairo is a Senior Open Source Software Engineer at VMware Open Source Program Office (OSPO) on the Security Supply Chain team. He contributed to python-tuf and is the author of Repository Service for TUF (RSTUF). Prior roles include System Engineer Specialist and Senior Software Engineer at IBM, ING, and Forescout.
Sessions
10-26
09:30
25min
“Our stuff” - how to protect users from package compromise with RSTUF
Kairo de Araujo, Lukas Pühringer
For many years the Update Framework (TUF) has been a prime reference for secure package delivery and updates. Despite its popularity, integration with existing package managers remains a challenging task.
Enter RSTUF: This new OpenSSF project has taken on the challenge to provide a generic TUF application, which primarily focuses on ease of adoption.
Main stage