OpenSSF - Open Source Project Security Baseline

Today, I wanted to share with you a new initiative by OpenSSF called the Open Source Project Security Baseline. 

The TL;DR can be summarized as a series of checks that a project maintainer must have in place in their software repository to demonstrate a secure security posture. 

The baseline is divided into three levels, which are well described. I find it to be an interesting initiative and easy to apply for improving and certifying one's security level.

The initiative has been announced here, and here you can find the website for this new and interesting initiative!

KubeCon EU 2025 London

The countdown to KubeCon EU (London) has begun, and I couldn’t be more thrilled to announce that, for the third year in a row, I’ll have the incredible privilege of attending!

This year is extra special because, for the second time, I’ll be managing a booth alongside my amazing colleagues. Why? Because ReeVo (the company that SIGHUP has now joined) will proudly be a sponsor of this big event!

Being a sponsor at KubeCon is no small feat! It means rolling up our sleeves for an exciting whirlwind of extra work and packing plenty of throat lozenges to keep my voice intact through all the conversations (and trust me, there will be a lot of them!). It’s multitasking on steroids but I wouldn’t have it any other way!

The real magic of KubeCon lies in the connections. It’s an unparalleled opportunity to meet and engage with brilliant minds from every corner of the globe. It’s about putting faces to names, building meaningful relationships with partners, collaborators, and project contributors people I’ll be working closely with throughout the year. These moments of connection are what make this event truly unforgettable.

I’m beyond excited and absolutely energized to dive into this experience once again.

So, see you in London! If you’re attending the conference, don’t miss out come by our booth and say hi! 

Let’s make (also) this KubeCon one to remember! 🚀🚀🚀

CyberArk Conjur cloud cli - how fix zsh: operation not permitted: ./conjur

As a consultant, it's always a pleasure to explore new tools, and since the end of 2024, we have been experimenting with CyberArk's SaaS offering.

The first component we started working with is Conjur Cloud, the SaaS version of Conjur Enterprise, which we are already very familiar with.

Conjur Cloud features an impressive UI that allows users to configure and manage most settings 

seamlessly. 

Like Conjur Enterprise, it also has its own dedicated CLI, which is available for download on the CyberArk Marketplace.After installing the Conjur Cloud CLI on macOS 15.2, I encountered the following error when attempting to execute it:

conjur -version
zsh: operation not permitted: ./conjur

 


After some troubleshooting, I discovered that the binary had been quarantined by macOS 15.2. Running the following command confirmed this:

xattr -l /Applications/ConjurCloudCLI.app/Contents/Resources/conjur/conjur

where I got as output:

com.apple.quarantine: 0187;678a416a;Microsoft\\x20Teams\\x20WebView;

To resolve this issue, I removed the quarantine attribute using the following command:

xattr -d com.apple.quarantine /Applications/ConjurCloudCLI.app/Contents/Resources/conjur/conjur

After applying this fix, I was able to successfully launch the CLI:

conjur --version Conjur Cloud CLI version 1.1.2

macOS, Podman Desktop and the Podman machine: pay close attention to the Podman version.

Using Podman as the standard tool requested by clients for running local containers outside of a Kubernetes environment, I decided to start the year by installing Podman Desktop on my company MacBook.

Podman Desktop features a user interface (UI) similar to Docker Desktop, making it easier to manage containers and images. It also includes plugin management to extend its functionality (e.g., deploying containers on Kubernetes).

After installing Podman Desktop version 1.15.0, I proceeded with the setup but encountered issues with the Podman machine (the virtual machine dedicated to running containers), which failed to start (no errors, it just hung).

After performing all the necessary checks and finding no logs, I tried the usual troubleshooting steps, including cleaning up and reinstalling. 

This resolved the issue and revealed the cause: my MacBook previously had an older version of Podman installed in the past, that I totally forgot.

podman --version
podman version 4.3.1

Following the new installation of Podman Desktop, since no existing version was detected, the setup prompted me to install a newer version:

podman --version
podman version 5.3.1

At this point, the setup for Podman Desktop identified that the existing Podman machine was incompatible with the current release.

After confirming the removal of the unsupported Podman machine and proceeding with its recreation, the Podman machine started successfully.

Confirmed as KubeWeekly Editor: Giving Back to the Cloud-Native Community in 2025

One of the pleasures of working with open-source software (OSS) and community-driven initiatives is the endless opportunities they offer. If you ever find yourself with "not enough" to do at work (yes, that's ironic!), there's always an easy way to take on something extra and meaningful.

Contributing back to the community you're part of is a wonderful way to express gratitude. After all, how could anyone be luckier than to give back to something they love? 😊

For 2025, one of my ongoing community chores will be serving as a KubeWeekly editor—for the second consecutive year!

For those unfamiliar, KubeWeekly is a fantastic mailing list that curates the latest news, trends, and updates in the cloud-native ecosystem. If you work in this space, I highly recommend subscribing so you don’t miss out!

Here’s the link: KubeWeekly

KCD Italy will return in 2025 with a new name

Yesterday, the organizers of KCD Italy announced that the conference will return in 2025, once again in Bologna in June!!

For various organizational reasons, the conference will change its name to Cloud Native Days Italy, but the quality will remain the same.

At the moment, nothing else is known. Start marking a reminder in your calendar, see you in Bologna! 

Security conference - BSIDES GALWAY February 22nd, 2025

It’s been a couple of years since I moved to Galway, and I’m still absolutely thrilled with my decision!

During the past few months, I had the chance to meet some awesome people at a local security meetup called burbsec. It was a nice experience—sharing ideas, meeting new faces, and of course, enjoying a few beers ;-) !!

Now, some of these folks are organizing a security conference called BSIDES Galway, happening on February 22nd, 2025!

The event will be held at the University of Galway and marks the very first local edition of the globally renowned BSIDES format, which takes place in cities all over the world.

The goal? To create a welcoming space where people can dive into fascinating sessions, exchange ideas, and have a blast—all while focusing on cybersecurity.

If you’re excited about joining, make sure to check out the official event website!

Right now, the Call for Papers (CFP) is open, and there are still opportunities for sponsorship.

Just a couple of days ago, the organizers dropped the first batch of early-bird tickets, and they SOLD OUT within hours!

So if you’re interested in attending, submitting a talk, or becoming a sponsor, head over to the website for all the details. I can’t wait to see some of you there! 

Some links:

Event site: https://bsidesgalway.com/menu

Tickets: https://ti.to/bsides-galway/bsides-galway-2025

Social: https://x.com/BSidesGalway