Merge branch 'feat/tooling-page'
This commit is contained in:
commit
71c251bcf7
12
_config.yml
12
_config.yml
|
@ -21,16 +21,16 @@
|
|||
title: Distrust
|
||||
email: lance@distrust.co
|
||||
description: >- # this means to ignore newlines until "baseurl:"
|
||||
Trust
|
||||
Nothing
|
||||
Trust Nothing
|
||||
baseurl: "" # the subpath of your site, e.g. /blog
|
||||
url: "https://distrust.co" # the base hostname & protocol for your site, e.g. http://example.com
|
||||
|
||||
header_pages:
|
||||
- index.md
|
||||
- about.md
|
||||
- services.md
|
||||
- contact.md
|
||||
- index.md
|
||||
- about.md
|
||||
- services.md
|
||||
- tools.md
|
||||
- contact.md
|
||||
|
||||
style: dark # dark (default), light or hacker
|
||||
listen_for_clients_preferred_style: false # false (default) or true
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
|
||||
<!-- "Really, there is nothing interesting to see here. It is a static website. -->
|
||||
<!-- Here is the terraform code that deployed it, and here is the site source repo. -->
|
||||
<!-- If you find anything interesting or want to talk to us, reach out via our /contact page!" -->
|
||||
<!-- If you find anything interesting or want to talk to us, reach out via our /contact page!" -->
|
||||
<!-- https://git.distrust.co/public/stack -->
|
||||
<!-- https://git.distrust.co/public/website -->
|
||||
|
||||
|
@ -32,6 +32,9 @@
|
|||
<div>
|
||||
<a href="/services.html">Services</a>
|
||||
</div>
|
||||
<div>
|
||||
<a href="/tools.html">Tools</a>
|
||||
</div>
|
||||
<div>
|
||||
<a href="/contact.html">Contact</a>
|
||||
</div>
|
||||
|
|
|
@ -17,16 +17,16 @@
|
|||
{%- endif -%}
|
||||
{%- endif -%}
|
||||
{%- endfor -%}
|
||||
<li class="show">
|
||||
<a href="/contact.html" class="action-button">Free Consultation</a>
|
||||
</li>
|
||||
</ul>
|
||||
<div class="show">
|
||||
<a href="/contact.html" class="action-button">Request a Quote</a>
|
||||
</div>
|
||||
<div id="hamburger-menu" class="hide menu-button-container" for="menu-toggle">
|
||||
<input id="menu-toggle" type="checkbox" />
|
||||
<label style="display: inline-block">
|
||||
<div class='menu-button'></div>
|
||||
</label>
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</header>
|
||||
</header>
|
||||
|
|
|
@ -28,7 +28,7 @@
|
|||
</ul>
|
||||
<br />
|
||||
<br />
|
||||
<a href="/contact.html" class="action-button">Request a Quote</a>
|
||||
<a href="/contact.html" class="action-button">Free Consultation</a>
|
||||
</section>
|
||||
|
||||
<hr />
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
<h2>Understand and mitigate security threats others won't see coming.</h2>
|
||||
<p>We believe security compromises to your systems and personnel are <b>inevitable</b>. Allow our team of experienced security engineers to help you reduce the likelihood and impact of risks by thinking from first principles.</p>
|
||||
<br />
|
||||
<a href="/contact.html" class="action-button">Request a Quote</a>
|
||||
<a href="/contact.html" class="action-button">Free Consultation</a>
|
||||
<br />
|
||||
</div>
|
||||
</div>
|
||||
|
@ -39,7 +39,7 @@
|
|||
|
||||
<br />
|
||||
|
||||
<div class="flex-container-inner">
|
||||
<div class="flex-container-inner">
|
||||
<div class="companies">
|
||||
<div>
|
||||
<a href="https://coinbase.com">
|
||||
|
@ -138,9 +138,9 @@
|
|||
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, want to create or improve an open source security tool, or want to focus on assessing a specific aspect of your organization or system - we are here to help. Our experienced staff will collaborate closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
|
||||
<div class="button-container">
|
||||
<a class="action-button" href="/services.html">Learn more</a>
|
||||
<a href="/contact.html" class="action-button">Request a Quote</a>
|
||||
<a href="/contact.html" class="action-button">Free Consultation</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="flex-container-inner">
|
||||
<div class="">
|
||||
|
@ -148,7 +148,7 @@
|
|||
<hr />
|
||||
<br />
|
||||
</div>
|
||||
|
||||
|
||||
<div class="text-well">
|
||||
<h3>Security Assessment</h3>
|
||||
<p>We offer full stack security assessments, covering anything that is in scope for a sophisticated adversary, such as compromising a third party library, bribing a devops engineer, finding a oversight in your code, or otherwise. While we will point out specific flaws we find, we feel we offer the most value in helping you identify where you can make strategic improvements to your architecture to take entire classes of risk off the table.</p>
|
||||
|
@ -157,34 +157,34 @@
|
|||
<br />
|
||||
<hr />
|
||||
<br />
|
||||
|
||||
|
||||
<div class="text-well">
|
||||
<h3>Security Engineering</h3>
|
||||
<p>Our team is comprised of security engineers with past lives as full time system administrators and software engineers. We have extensive first hand experience in implementing custom security defenses for high risk organizations. We are happy to get as deep into the weeds planning new defense strategies as you like, from Linux kernel hardening, to supply chain signing, to code quality, library choices, and beyond.</p>
|
||||
</div>
|
||||
|
||||
|
||||
<br />
|
||||
<hr />
|
||||
<br />
|
||||
|
||||
|
||||
<div class="text-well">
|
||||
<h3>Retained Security Support</h3>
|
||||
<p>We offer monthly retainer contracts to augment your existing security team with access to our combined experience as needed. You can drop questions to our team in a chat, or include us in security-relevant meetings. Almost anything an in-house security team might do to protect your organization is in scope for us as well, including qualifying candidates, conducting interviews, reviewing code, evaluating third party risks, or being a security voice in the room when you are planning new products.</p>
|
||||
</div>
|
||||
|
||||
|
||||
<br />
|
||||
<hr />
|
||||
<br />
|
||||
|
||||
|
||||
<div class="text-well">
|
||||
<h3>Research & Development</h3>
|
||||
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique situations. If we are doing public work you would like so see more of, or that -almost- meets your needs, we would love to hear that and figure out a path to see your needs met.</p>
|
||||
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique situations. If we are doing public work you would like to see more of, or that -almost- meets your needs, we would love to hear that and figure out a path to see your needs met.</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<br />
|
||||
<br />
|
||||
<a href="/contact.html" class="action-button">Request a Quote</a>
|
||||
<a href="/contact.html" class="action-button">Free Consultation</a>
|
||||
</section>
|
||||
</main>
|
||||
{%- include footer.html -%}
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
<h2>How can we help you?</h2>
|
||||
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, want to create or improve an open source security tool, or want to focus on assessing a specific aspect of your organization or system - we are here to help. Our experienced staff will collaborate closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
|
||||
<br />
|
||||
<a href="/contact.html" class="action-button">Request a Quote</a>
|
||||
<a href="/contact.html" class="action-button">Free Consultation</a>
|
||||
<br />
|
||||
</div>
|
||||
</div>
|
||||
|
@ -83,34 +83,16 @@
|
|||
</ul>
|
||||
</div>
|
||||
</section>
|
||||
|
||||
|
||||
<hr />
|
||||
|
||||
<section class="flex-container">
|
||||
<div class="flex-container-inner">
|
||||
<div class="text-well">
|
||||
<h3>Research & Development</h3>
|
||||
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique needs. If we are doing public work you would like so see more of, or that <i>almost</i> meets your needs, we would love to hear from you and figure out a path to see your needs met.</p>
|
||||
<h3>Research</h3>
|
||||
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique needs. If we are doing public work you would like to see more of, or that <i>almost</i> meets your needs, we would love to hear from you and figure out a path to see your needs met.</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="flex-container-inner">
|
||||
<h4>Development</h4>
|
||||
<ul>
|
||||
<li><a href="https://git.distrust.co/public/keyfork">keyfork: a hierarchical deterministic key management toolkit</a></li>
|
||||
<li><a href="https://codeberg.org/stagex/stagex">stagex: Minimalism and security first repository of reproducible and multi-signed OCI images of common open source software toolchains full-source bootstrapped from Stage 0 all the way up.</a></li>
|
||||
<li><a href="https://git.distrust.co/public/airgap">airgap: a minimal linux distro for high risk scenarios</a></li>
|
||||
<li><a href="https://git.distrust.co/public/git-sig">git-sig: a multi-sig trust toolkit for git</a></li>
|
||||
</ul>
|
||||
|
||||
<h4>Research</h4>
|
||||
<ul>
|
||||
<li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39910">CVE-2023-39910</a></li>
|
||||
<li><a href="https://milksad.info">MilkSad</a></li>
|
||||
<li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9234">CVE-2018-9234</a></li>
|
||||
<li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9057">CVE-2018-9057</a></li>
|
||||
<li><a href="https://www.vice.com/en/article/3kxy4k/high-tech-japanese-hotel-service-robots-easily-hackable">Japanese Robot Hotel</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</section>
|
||||
</main>
|
||||
|
||||
|
|
|
@ -0,0 +1,113 @@
|
|||
|
||||
<!DOCTYPE html>
|
||||
<html lang="{{ page.lang | default: site.lang | default: en }}">
|
||||
|
||||
{%- include head.html -%}
|
||||
|
||||
<body>
|
||||
<div class="container">
|
||||
|
||||
{%- include header.html -%}
|
||||
|
||||
<main>
|
||||
<section class="flex-container">
|
||||
<div class="flex-container-inner">
|
||||
<div class="text-well">
|
||||
<h2>Tools</h2>
|
||||
<p>Distrust develops open source tooling to help make the internet a safer place!</p>
|
||||
|
||||
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique needs. If we are doing public work you would like to see more of, or that <i>almost</i> meets your needs, we would love to hear from you and figure out a path to see your needs met.</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="flex-container-inner">
|
||||
</div>
|
||||
</section>
|
||||
|
||||
<hr />
|
||||
|
||||
<section class="flex-container">
|
||||
<div class="flex-container-inner">
|
||||
<div class="text-well">
|
||||
<h3>AirgapOS</h3>
|
||||
<a href="https://git.distrust.co/public/airgap" target="_blank" rel="noopener noreferrer">https://git.distrust.co/public/airgap</a>
|
||||
<p>A live buildroot based Linux distribution designed for managing secrets offline.</p>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
<div class="flex-container-inner">
|
||||
<ul>
|
||||
<li>Deterministic binary verification</li>
|
||||
<li>Small footprint (< 100MB)</li>
|
||||
<li>Immutable and diskless</li>
|
||||
<li>Network drivers removed</li>
|
||||
</ul>
|
||||
</div>
|
||||
</section>
|
||||
|
||||
<hr />
|
||||
|
||||
<section class="flex-container">
|
||||
<div class="flex-container-inner">
|
||||
<div class="text-well">
|
||||
<h3>Keyfork</h3>
|
||||
<a href="https://git.distrust.co/public/keyfork" target="_blank" rel="noopener noreferrer">https://git.distrust.co/public/keyfork</a>
|
||||
<p>An opinionated and modular toolchain for generating and managing a wide range of cryptographic keys offline and on smartcards from a shared bip39 mnemonic phrase..</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="flex-container-inner">
|
||||
<ul>
|
||||
<li>BIP39 style key derivation from OS or hardware entropy</li>
|
||||
<li>Sharding mechanism allows "M-of-N" recovery</li>
|
||||
<li>Built deterministically</li>
|
||||
<li>Intended for use with air-gapped systems</li>
|
||||
</ul>
|
||||
</div>
|
||||
</section>
|
||||
|
||||
<hr />
|
||||
|
||||
<section class="flex-container">
|
||||
<div class="flex-container-inner">
|
||||
<div class="text-well">
|
||||
<h3>StageX</h3>
|
||||
<a href="https://codeberg.org/stagex/stagex" target="_blank" rel="noopener noreferrer">https://codeberg.org/stagex/stagex</a>
|
||||
<p>Minimalism and security first repository of reproducible and multi-signed OCI images of common open source software toolchains full-source bootstrapped from Stage 0 all the way up.</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="flex-container-inner">
|
||||
<ul>
|
||||
<li>Fully verifiable and deterministic build toolchain</li>
|
||||
<li>Deterministic packages of commonly used software (rust, go, openssl, curl and many more)</li>
|
||||
<li>Flexible drop in replacement for existing software</li>
|
||||
<li>Available on <a href="https://hub.docker.com/u/stagex" target="_blank" rel="noopener noreferrer">dockerhub</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</section>
|
||||
|
||||
<hr />
|
||||
|
||||
<section class="flex-container">
|
||||
<div class="flex-container-inner">
|
||||
<div class="text-well">
|
||||
<h3>EnclaveOS</h3>
|
||||
<a href="https://git.distrust.co/public/enclaveos" target="_blank" rel="noopener noreferrer">https://git.distrust.co/public/enclaveos</a>
|
||||
<p>A minimal, immutable, and deterministic Linux unikernel build system targeting various Trusted Execution Environments for use cases that require high security and accountability.</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="flex-container-inner">
|
||||
<ul>
|
||||
<li>Immutable: Root filesystem is a CPIO filesystem extracted to a RamFS at boot</li>
|
||||
<li>Minimal: < 5MB footprint and nothing is included but a kernel and your target binary by default</li>
|
||||
<li>Deterministic: multiple people can reproduce the build and verify its integrity</li>
|
||||
<li>Hardened: No TCP/IP network support, most unnecessary kernel features disabled and follows <a href="https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project" target="_blank" rel="noopener noreferrer">Kernel Self Protection Project</a> recommendations</li>
|
||||
</ul>
|
||||
</div>
|
||||
</section>
|
||||
</main>
|
||||
|
||||
{%- include footer.html -%}
|
||||
|
||||
</div>
|
||||
</body>
|
||||
|
||||
</html>
|
|
@ -156,8 +156,8 @@ hr {
|
|||
}
|
||||
|
||||
.header-page-links a {
|
||||
margin: 0px 15px;
|
||||
font-size: 1.3rem;
|
||||
margin: 0px 4px;
|
||||
font-size: 1.1rem;
|
||||
text-decoration: none;
|
||||
}
|
||||
|
||||
|
@ -337,7 +337,7 @@ hr {
|
|||
|
||||
.right-menu>ul>li:before {
|
||||
content: "" !important;
|
||||
margin-right: 9px;
|
||||
margin-right: 4px;
|
||||
}
|
||||
|
||||
|
||||
|
@ -833,7 +833,7 @@ pre {
|
|||
|
||||
|
||||
/**
|
||||
* Carousel
|
||||
* Carousel
|
||||
*/
|
||||
|
||||
.carousel-container {
|
||||
|
@ -953,4 +953,4 @@ body {
|
|||
padding-top: 50px;
|
||||
padding-left: 10px;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
16
contact.md
16
contact.md
|
@ -4,18 +4,16 @@ layout: home
|
|||
permalink: /contact.html
|
||||
---
|
||||
|
||||
Send an email to `sales@distrust.co` to schedule a free introductory consultation.
|
||||
|
||||
## Emails
|
||||
|
||||
- [sales@distrust.co](mailto:sales@distrust.co)
|
||||
- [team@distrust.co](mailto:team@distrust.co)
|
||||
|
||||
## Team
|
||||
|
||||
- Lance Vick \<[lance@distrust.co](mailto:lance@distrust.co)\> [6B61 ECD7 6088 748C 7059 0D55 E90A 4013 36C8 AAA9](https://keys.openpgp.org/vks/v1/by-fingerprint/6B61ECD76088748C70590D55E90A401336C8AAA9)
|
||||
- Ryan Heywood \<[ryan@distrust.co](mailto:ryan@distrust.co)\> [8882 3A75 ECAA 786B 0FF3 8B14 8E40 1478 A3FB EF72](https://keys.openpgp.org/vks/v1/by-fingerprint/88823A75ECAA786B0FF38B148E401478A3FBEF72)
|
||||
- Anton Livaja \<[anton@distrust.co](mailto:anton@distrust.co)\> [F4BF 5C81 EC78 A5DD 341C 91EE DC4B 7D1F 52E0 BA4D](https://keys.openpgp.org/vks/v1/by-fingerprint/F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D)
|
||||
- Shane Engelman \<[shane@distrust.co](mailto:shane@distrust.co)\> [3D7C 8D39 E8C4 DF77 1583 D3F0 A8A0 91FD 3460 01CA](https://keys.openpgp.org/vks/v1/by-fingerprint/3D7C8D39E8C4DF771583D3F0A8A091FD346001CA)
|
||||
|
||||
## Sales
|
||||
|
||||
- [sales@distrust.co](mailto:sales@distrust.co)
|
||||
|
||||
|
||||
## General
|
||||
|
||||
- [team@distrust.co](mailto:team@distrust.co)
|
||||
|
|
Loading…
Reference in New Issue