in-toto

Coding

Zero-Trust CI/CD: A Practical Blueprint for Securing Build Pipelines with Ephemeral Agents and Attested Artifacts

Yoo plus 2026-02-03

The move to Zero-Trust CI/CD changes the security model from “implicit trust” inside build environments to explicit...

Cryptographically-Verifiable Code Reviews: Building a Zero-Trust Review Chain

Yoo plus 2026-01-27

The promise of a tamper-evident, auditable development lifecycle starts with Cryptographically-Verifiable Code Reviews: using signatures and attestations...

in-toto

Zero-Trust CI/CD: A Practical Blueprint for Securing Build Pipelines with Ephemeral Agents and Attested Artifacts

Cryptographically-Verifiable Code Reviews: Building a Zero-Trust Review Chain

Attested Ephemeral CI Runners: Provisioning TPM/SGX-attested, On-Demand Build Workers via GitOps

Pipeline Provenance: Producing Cryptographically Verifiable CI/CD Artifacts