Security Research by Ry Walker
Category Report
Developer Trust ToolsCategory analysis of 10 developer trust and supply chain security tools. Covers Vouch (contributor trust), git-ai (AI code provenance), Sigstore (artifact signing), SLSA (build provenance), in-toto (attestation), zizmor (CI auditing), Socket.dev (proactive detection), OpenSSF Scorecard (project scoring), and GUAC (knowledge graph).
6 min read·15 profiles
Product Profiles (15)
Abnormal AI Background Agentsx.com/shrivushankar/status/2021663840153563484AWS Nova 2 Sonicaws.amazon.com/novaCodePathFindercodepathfinder.devin-totoin-toto.ioMicrosandboxmicrosandbox.devNanoClawgithub.com/nanocoai/nanoclawNullClawgithub.com/nullclaw/nullclawNVIDIA OpenShellbuild.nvidia.com/openshellOpenSSF Scorecardscorecard.devRunbearrunbear.ioshaigithub.com/colony-2/shaiSigstoresigstore.devSLSAslsa.devSocket.devsocket.devZeroClawwww.zeroclawlabs.ai