Our security assessments go beyond checking boxes. We provide technical insights on vulnerability root causes, long-term recommendations, and hands-on tooling assistance. Reach out to learn more. meetings.hubspot.com/ken-trueba?uui…

A key tool for threat intelligence: the @_seal_org's ISAC is launched: isac.securityalliance.org

❗ Security first! 👀

We are thrilled to announce that Trail of Bits, a leading security firm, has completed a thorough security assessment of f(x) Protocol! This marks a significant milestone for us and underscores our unwavering commitment to security and transparency.

As with…

PyPI now has three new Trusted Publishing, thanks (in part) to our work at Trail of Bits! This realizes our goal of expanding Trusted Publishing to compute environments outside of GitHub Actions:

blog.pypi.org/posts/2024-04-…

Joe Sweeney is presenting on our work on build provenance for Homebrew at SOSS Day NA!

Read more about our design on our blog: blog.trailofbits.com/2023/11/06/add…

Join us today at 11:10 PDT @OpenSSF SOSS Community Day event to learn about our ongoing work on Homebrew's build provenance implementation, where we’re headed, and how it aligns with broader supply chain security trends and standardization efforts. events.linuxfoundation.org/soss-community…

Streamline the process for white hats to report bugs in your projects. We outline our procedure for disclosing five previously unreported vulnerabilities using a basic security policy and GitHub's private reporting feature.
blog.trailofbits.com/2024/04/15/5-r…

Used the fuzz-utils tool by Trail of Bits on a real project for the first time today and it’s actually great.

It's great to see that it's already improving and the new config file feature really helps with keeping the command you have to run to generate tests on broken…

Very excited to share the next night of NYC Systems Talks next Thursday, hosted at Trail of Bits HQ.

We'll be hearing from Neil Ramaswamy of DataBricks on streaming SQL, and social:x#tweet@user:jimmy of authzed on low-latency systems on Kubernetes.

We filled all invite slots in just two…

Slither 0.10.2 was released yesterday with a new-and-improved mutation testing tool with first class support for Foundry!

We also released a detector to identify unused imports.

What's that about an LSP??? stay tuned

My RWC ‘24 talk on Weak Fiat-Shamir Attacks is now available on YouTube
youtu.be/HsqmaLszRm4

We are giving away a handful of tickets to @cryptocanal's #ETHDam to anyone who has made a PR to one of our tools. DM us directly or drop the PR link in the comments 👇

Open Source Cryptography Workshop 2024 videos and slides are posted: opensourcecryptowork.shop/2024/

Talks by Franziskus Kiefer , Deirdre Connolly¹ , Sophie, indistinguishable from random noise, Nina Bindel, Armando Faz 🌵, Iraklis Leontiadis, Thibault, William Woodruff (1.3.6.1.4.1.55738), et al.

Chilling at kernelcon with Tim talking everything that abbreviates to AI.

Trail of Bits knows AI and is booking now for summer engagements, including AI training and risk assessments:
trailofbits.com/services/softw…