Bringing Nix βοΈ to the enterprise to empower fearless software delivery πͺ
Joined March 2021
- Tweets 855
- Following 189
- Followers 2,742
- Likes 513
84 Photos and videos
Pinned Tweet
Today we're thrilled to announce the launch of our newest offering: Determinate Secure Packages. A drop-in replacement for Nixpkgs, it offers secure, signed, auditable Nix packages for the enterprise, including CVE monitoring and SLA-backed remediation, per-release SBOMs, optional FIPS-compliant builds, packages cached in FlakeHub Cache, cryptographic signing, and more. Link in thread ππ§΅π
1
4
25
4,865
I don't know about you, but Supply Chain Splash Week has been a real blast for us here at Determinate Systems. Now that it's Friday, it's time to sit back, relax, wistfully look back, and longingly gaze into the future π¦ π βοΈ π βοΈ βͺ
Recap and look ahead in thread 𧡠π
1
5
374
Next week, on Thursday, June 18, we'll have a supply-chain-related webinar, titled "Supply chain security reimagined with FlakeBOM and Determinate Secure Packages." Register today to get an in-depth look at our efforts.
luma.com/flakebom
1
126
And coming soon, you'll be hearing more from us about FedRAMP support for the Determinate platform, more detailed provenance info and full-on attestation in Nix, new FlakeBOM features, and more β¨ π
If any of this sounds exciting to you, reach out to us at sales@determinate.systems to schedule a demo or talk terms.
1
105
Determinate Secure Packages 26.05 is now out and ready to rock your half-yearly Nixpkgs update world, with SLA-backed CVE remediation, full cache coverage in FlakeHub Cache, access to FlakeBOM, optional FIPS support, and all the other goodies now available to teams already on Nixpkgs 26.05 or looking to upgrade π¦ π β¬οΈ βοΈ π
Link in thread 𧡠π π
1
2
7
2,013
Determinate Secure Packages 26.05 is now available determinate.systems/blog/detβ¦
3
126
We're excited to announce the release of FlakeBOM, a CLI for generating CycloneDX SBOMs from Nix flakes. Lightning-fast and complete with VEX metadata and support for a wealth of information not provided by other tools, it's truly the perfect complement to Determinate Secure Packages βοΈ β‘ π¦ π
Read more at the link in thread 𧡠π π
1
7
15
1,018
Introducing FlakeBOM, a CLI for generating SBOMs from Nix flakes determinate.systems/blog/intβ¦
1
4
173
One of our favorite things about Determinate Secure Packages as developers ourselves is that adoption doesn't involve refactoring or building out an awkwardly fitting integration. You just swap out a flake reference to get started and then `nix flake update` to imbibe a steady stream of security fixes. That's really it π¦ π βοΈ π
determinate.systems/secure-pβ¦
3
15
2,595
Nobody goes to work saying "I can't wait to achieve compliance today." But like it or not, cryptography standards like FIPS are non-negotiable if you want to work with many US federal agencies, so better to make it all as painless as possible. We're confident that we've done precisely that with Determinate Secure Packages, which offers FIPS-140-2-compliant variants of Nixpkgs as drop-in replacements. Swap a flake reference and immediately get to work with FIPS-friendly OpenSSL, NSS, and much more. Find out more here π π
determinate.systems/secure-pβ¦
1
3
6
668
Did you read that last tweet and think, "That's neat-o, but what about FedRAMP?" We'll have much more to say about the Determinate platform and FedRAMP very soon, so stay tuned π π βοΈ π
1
3
240
A secure Nixpkgs for the enterprise is here (and has been for a while now!) π¦ βοΈ π
In today's blog post we catch up with our Determinate Secure Packages offering. Find out how it's transforming the software supply chain, about the big strides forward that we've made, and how to get started. Link in thread 𧡠π π
2
1
5
349
Determinate Secure Packages at a glance, with a view to the future determinate.systems/blog/supβ¦
2
233
The supply chain story in our industry has been pretty rough lately, eh? Wily vulnerabilities, scarily sophisticated exploits, vast attack surfaces, and woefully uneven remediation (if any!) have put us all on edge. We at Determinate Systems are at work tackling this problem in a major way, and this week we're going to tell you a whole lot about it. More info in thread π§΅π
1
2
3
396
Tomorrow, we'll share an update about Determinate Secure Packages, our secure subset of Nixpkgs, complete with SLA-backed CVE remediation, FIPS-compliant package variants, and more βοΈ π π¦ If our secure packages offering isn't yet on your radar at all, this post is for you π
1
2
5
299
On Thursday, we'll tell you about a brand new tool we've built called FlakeBOM, a CLI that builds CycloneDX-compatible SBOMs from from Nix flakes, opening up a new universe of security-related workflows around Nix π π
So much fun supply chain stuff happening on our side that we couldn't resist devoting an entire week to it, so stay tuned π‘
2
8
500
Nix adoption often starts with one developer solving reproducibility problems for themselves and then introducing it at work, where the question becomes: how can Nix be made reliable and secure for teams?
Determinate Systems co-founder and CTO @grhmc recently joined the Open Source Ready podcast to talk about Nix at work and much more. Take a listen π€ βοΈ π
heavybit.com/library/podcastβ¦
6
419
We believe that Nix is set to revolutionize the software supply chainβand amidst a flurry of high-profile supply chain lapses, the timing couldn't be better βοΈ π π¦
Our own @lucperkins explains why on the Determinate Systems blog. Link in thread 𧡠π π
1
2
10
1,281
Nix is set to revolutionize the software supply chain determinate.systems/blog/corβ¦
3
262