public
/
website
5
0
Fork 0
Code Issues 4 Pull Requests 4 Packages Projects Releases Wiki Activity

Compare commits

base: public:1bc67ea96af5885b88ffad2d077ba69b8ebb4cff
Branches Tags
public:main
public:feat/fixes
public:feat/mysten-blog
public:feat/website-upgrades
public:lrvick/oci
...
compare: public:4111cd2eaffbcb97f07d34f5b75606c6e54f8180
Branches Tags
public:feat/fixes
public:main
public:feat/mysten-blog
public:feat/website-upgrades
public:lrvick/oci

40 Commits
1bc67ea96a ... 4111cd2eaf

Author SHA1 Message Date
Anton Livaja 4111cd2eaf
add taglines for preview 2025-03-18 18:36:09 -07:00
Anton Livaja 9aa78273c4
add unique thumbnails for all pages except contact 2025-03-18 18:26:42 -07:00
Anton Livaja 8c1eb2bc18
update thumbnail image to one with black background 2025-03-18 14:49:54 -07:00
Anton Livaja a635f8d803
fix open graph tags 2025-03-18 13:51:18 -07:00
Anton Livaja c49bc5a9ec
add thumbnail pic 2025-03-18 13:29:03 -07:00
Anton Livaja d46b5b662e
fix roadmap quote size on mobile 2025-03-18 08:00:35 -07:00
Anton Livaja 199885d2eb
update powered by section 2025-03-18 07:56:46 -07:00
Anton Livaja 0622b62643
more mobile responsivness fixes 2025-03-18 07:36:52 -07:00
Anton Livaja d49e454a74
fix order of mobile nav items 2025-03-18 07:09:28 -07:00
Anton Livaja 2a5742c9a4
fix services top margin for mobile 2025-03-18 07:05:05 -07:00
Anton Livaja 1c593d6870
add back style for landing page video 2025-03-17 20:48:18 -07:00
Anton Livaja 287415aab0
add fallback videos 2025-03-17 20:45:44 -07:00
Anton Livaja 91d77d6f55
more pill adjustments 2025-03-17 20:09:34 -07:00
Anton Livaja cae6b4ea1e
update pill color 2025-03-17 20:07:35 -07:00
Anton Livaja ac5ba433d4
more minor adjustments 2025-03-17 19:50:13 -07:00
Anton Livaja 35ef894156
fix submit mini text 2025-03-17 19:07:02 -07:00
Anton Livaja 1954d6e55a
many updates 2025-03-17 18:58:06 -07:00
Anton Livaja 175fa156bf
more nice tealeness 2025-03-17 12:56:29 -07:00
Anton Livaja 7d5a02957a
remove line from roadmap and make theme teal 2025-03-17 12:52:04 -07:00
Anton Livaja 30f5993f25
change roadmap cta 2025-03-17 12:29:14 -07:00
Anton Livaja 31c79c8a18
minor copy cleanup 2025-03-17 12:17:29 -07:00
Anton Livaja ad3dc87277
fix ctas and improve roadmap item copy 2025-03-17 11:34:40 -07:00
Anton Livaja 6008b5c6c9
minor changes 2025-03-16 18:02:40 -07:00
Anton Livaja 7ce2b212e5
fix team cards 2025-03-16 17:53:05 -07:00
Anton Livaja 01a2b79bb0
add visual for services 2025-03-16 17:22:44 -07:00
Anton Livaja eb37ae7888
fix contact form button color 2025-03-16 14:19:30 -07:00
Anton Livaja 9a6adaf9c3
fix cta button color 2025-03-16 14:14:24 -07:00
Anton Livaja 4428087c51
more styling 2025-03-16 14:09:47 -07:00
Anton Livaja 849c28d3c3
minor styling improvements 2025-03-16 13:20:25 -07:00
Anton Livaja 6a13fad03c
add visuals to landing and roadmap 2025-03-16 11:17:28 -07:00
Anton Livaja 44c5e2cc67
more mobile friendliness 2025-03-15 14:46:08 -07:00
Anton Livaja d6d51fb57f
fix footer 2025-03-15 14:23:24 -07:00
Anton Livaja 325129c261
add some mobile responsiveness 2025-03-15 14:13:57 -07:00
Anton Livaja 6052208509
fix roadmap line 2025-03-15 13:14:43 -07:00
Anton Livaja 483e569d06
fix contact form input field heights 2025-03-15 12:08:50 -07:00
Anton Livaja 42a7b0e9b5
animate nav bar items on hover 2025-03-15 07:01:43 -07:00
Anton Livaja 9520dbb3e7
make company learn more take you to roadmap 2025-03-15 06:42:38 -07:00
Anton Livaja 6d3c71e33a
re-order manifesto 2025-03-14 20:21:04 -07:00
Anton Livaja f3442b162a
make cool arrows 2025-03-14 20:20:13 -07:00
Anton Livaja 1aaf8b248f
big redesign 2025-03-14 19:45:15 -07:00
37 changed files with 2327 additions and 1193 deletions
Show Stats Expand all files Collapse all files

9
.editorconfig Normal file
View File

@ -0,0 +1,9 @@
root = true
[*]
indent_style = tab
indent_size = 2
end_of_line = lf
insert_final_newline = true
trim_trailing_whitespace = true

42
_config.yml
View File

@ -1,44 +1,22 @@
# Welcome to Jekyll!
#
# This config file is meant for settings that affect your whole blog, values
# which you are expected to set up once and rarely edit after that. If you find
# yourself editing this file very often, consider using Jekyll's data files
# feature for the data you need to update frequently.
#
# For technical reasons, this file is *NOT* reloaded automatically when you use
# 'bundle exec jekyll serve'. If you change this file, please restart the server process.
#
# If you need help with YAML syntax, here are some quick references for you:
# https://learn-the-web.algonquindesign.ca/topics/markdown-yaml-cheat-sheet/#yaml
# https://learnxinyminutes.com/docs/yaml/
#
# Site settings
# These are used to personalize your new site. If you look in the HTML files,
# you will see them accessed via {{ site.title }}, {{ site.email }}, and so on.
# You can create any custom variable you would like, and they will be accessible
# in the templates via {{ site.myvariable }}.
title: Distrust
email: lance@distrust.co
description: >- # this means to ignore newlines until "baseurl:"
Understand and mitigate security threats others won't see coming.
baseurl: "" # the subpath of your site, e.g. /blog
url: "https://distrust.co" # the base hostname & protocol for your site, e.g. http://example.com
banner: "https://distrust.co/assets/base/distrust-logo.png"
email: info@distrust.co
description: Security without blind trust.
baseurl: ""
url: "https://distrust.co"
banner: "https://distrust.co/assets/base/distrust-thumbnail.png"
header_pages:
- index.md
- about.md
- services.md
- tools.md
- roadmap.md
- company.md
- contact.md
style: dark # dark (default), light or hacker
listen_for_clients_preferred_style: false # false (default) or true
style: dark
listen_for_clients_preferred_style: false
footer: '2024 Distrust, LLC'
footer: '© 2025 Distrust LLC'
# Build settings
theme: jekyll-theme-console
# Exclude from processing.

14
_includes/footer.html
View File

@ -1,4 +1,14 @@
<footer style="height: 40px">
<span><img src="assets/base/distrust-white.svg" width="20px" alt="copyleft"/></span> {{ site.footer }}
<footer>
<div class="footer-container">
<div>
{{ site.footer }}
</div>
<div>
<a class="footer-link" href="/services.html">Services</a>
<a class="footer-link" href="/roadmap.html">Roadmap</a>
<a class="footer-link" href="/company.html">Company</a>
<a class="footer-link" href="/contact.html">Contact</a>
</div>
</div>
<script type="text/javascript" src="/assets/js/main.js"></script>
</footer>

61
_includes/head.html
View File

@ -10,33 +10,50 @@
{% if page.noindex %}
<meta name="robots" content="noindex" />
{% endif %} {% if page.title %}
<meta content="{{ page.title }}" property="og:title" />
{% endif %}
{% if page.title %}
<meta content="{{ page.tagline }}" property="og:title" />
<meta content="article" property="og:type" />
{% else %}
<meta content="{{ site.banner }}" property="og:image" />
<meta content="{{ site.title }}" property="og:title" />
<meta content="website" property="og:type" />
{% endif %} {% if page.summary %}
{% endif %}
{% if page.summary %}
<meta content="{{ page.summary }}" property="og:description" />
{% else %}
<meta content="{{ site.description }}" property="og:description" />
{% endif %} {% if page.url %}
{% endif %}
{% if page.url %}
<meta content="{{ site.url }}{{ page.url }}" property="og:url" />
{% endif %} {% if page.date %}
{% endif %}
{% if page.date %}
<meta
content="{{ page.date | date_to_xmlschema }}"
property="article:published_time"
/>
<meta content="{{ site.url }}/about/" property="article:author" />
{% endif %} {% if page.thumbnail %}
{% endif %}
{% if page.thumbnail %}
<meta content="{{ site.url }}{{ page.thumbnail }}" property="og:image" />
{% endif %} {% if page.categories %} {% for category in page.categories
limit:1 %}
{% else %}
<meta content="{{ site.banner }}" property="og:image" />
{% endif %}
{% if page.categories %}
{% for category in page.categories limit:1 %}
<meta content="{{ category }}" property="article:section" />
{% endfor %} {% endif %} {% if page.tags %} {% for tag in page.tags %}
{% endfor %}
{% endif %}
{% if page.tags %}
{% for tag in page.tags %}
<meta content="{{ tag }}" property="article:tag" />
{% endfor %} {% endif %}
{% endfor %}
{% endif %}
<!-- Twitter Cards -->
<meta name="twitter:card" content="summary" />
@ -51,18 +68,21 @@
{% if page.url %}
<meta name="twitter:url" content="{{ site.url }}{{ page.url }}" />
{% endif %} {% if page.summary %}
{% endif %}
{% if page.summary %}
<meta name="twitter:description" content="{{ page.summary }}" />
{% else %}
<meta name="twitter:description" content="{{ site.description }}" />
{% endif %} {% if page.header-img %}
{% endif %}
{% if page.header-img %}
<meta
name="twitter:image:src"
content="{{ site.url }}{{ page.thumbnail }}"
/>
{% endif %}
{% if page.robots %}
<meta name="robots" content="{{page.robots}}" />
{% endif %}
@ -79,17 +99,14 @@
<div class="menu-content" style="display: none">
<div class="inner-menu-content">
<div>
<a href="/index.html">Home</a>
</div>
<div>
<a href="/about.html">About</a>
</div>
<div>
<a href="/services.html">Services</a>
</div>
<div>
<a href="/tools.html">Tools</a>
<a href="/roadmap.html">Roadmap</a>
</div>
<div>
<a href="/company.html">Company</a>
</div>
<div>
<a href="/contact.html">Contact</a>

2
_includes/header.html
View File

@ -18,7 +18,7 @@
{%- endif -%}
{%- endfor -%}
<li class="show">
<a href="/contact.html" class="mega button">Free Consultation</a>
<a href="/contact.html" class="mega-inverted button">Work with us</a>
</li>
</ul>
<div id="hamburger-menu" class="hide menu-button-container" for="menu-toggle">

102
_layouts/about.html
View File

@ -1,102 +0,0 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<section>
<h2>About Distrust</h2>
<p>Distrust was founded in order to improve the security, privacy and freedom of individuals and organizations and promote principles of Open Source software worldwide. We specialize in helping organizations reduce risk through a holistic first principles approach rather than simply checking boxes according to often outdated "best practices".
</p>
<p>Close collaboration with our clients allows us to attain a deep understanding of technology stacks which we use to help teams refine threat models and ensure that the mitigating controls being used establish a reasonable level of security accordingly. We do this by offering variety of services which are tailored to fit the client needs, ranging across penetration tests, secure code review, threat modelling, system architecture design, supply chain security, infrastructure hardening, and more. One of our specialties is designing secure systems for management of cryptographic material, especially in the context of blockchains.
</p>
<p>Our clients are varied, many of them from high risk areas such as financial institutions, blockchain companies managing large quantities of cryptocurrency and electrical grid operators to name a few. We proudly continue to support such organizations, and use the knowledge we have attained to aid all our clients in achieving a better security posture.</p>
</section>
<section>
<h2>Approach</h2>
<p>Like most security firms, we often start relationships with full stack audits. We also have enough experience in this industry to admit another firm will find bugs we missed, and vice versa. Our true goal in audits is to understand your threat model and find a path to fundamentally remove entire classes of relevant attack surface.</p>
<p>We tend to start with a consultation where try to help you understand your true attack surface by answering tough questions:</p>
<ul>
<li>Can your Google Authenticator codes be phished?</li>
<li>Can your SMS 2FA solution be SIM Swapped?</li>
<li>Can someone tamper with your Git repos or CI/CD systems?</li>
<li>Would it be profitable for someone to buy a $50,000 0day to compromise an employee devices?</li>
<li>What happens when the FedEx guy leaves a tampered USB C cable on a conference table?</li>
<li>Who reviews the code of your third party dependencies?</li>
<li>What happens when your IT administrator is compromised? Or a production engineer?</li>
<li>Can a change in local political landscape fundamentally halt your business?</li>
<li>Can someone buy a server next to yours and steal your secrets via a side channel attack?</li>
<li>How do you know the offline laptop with the keys to the kingdom has not been tampered with?</li>
<li>Do you have a plan for <i>when</i> your production systems are compromised?</li>
</ul>
<div class="button-container">
<a href="/contact.html" class="mega button">Free Consultation</a>
</div>
</section>
<section>
<h2>Values</h2>
<br />
<h4>Distrust</h4>
<ul>
<li>We will never ask you to give us access to production systems or have any power over your org.</li>
<li>Anyone with access to significant value is at personal risk. We teach distrust to protect people.</li>
<li>We will always provide a way for you to build and verify any binaries we provide.</li>
<li>We are happy to provide you any background research we legally can so you can make your own conclusions.</li>
</ul>
<br />
<h4>Transparency</h4>
<ul>
<li>We regularly open source our research and common advice to get input and corrections from others in our industry.</li>
<li>Prices are always the same. We will sometimes adjust based on demand, but everyone is offered the same rates.</li>
<li>With the exception of fully Open Source projects, which we offer a universal 15% discount on.</li>
</ul>
<br />
<h4>Security</h4>
<ul>
<li>Our internal threat model assumes well funded entities are interested in our clients and our work.</li>
<li>All client work is performed in dedicated local virtual machines under an offline host OS.</li>
<li>All authentication, and password management is done via dedicated pin+touch controlled personal HSMs.</li>
<li>We exclusively use End-To-End cross-verified encrypted chat internally.</li>
</ul>
<br />
<h4>Privacy</h4>
<ul>
<li>Your data and IP are always stored with AES256 encryption unlockable only with our personal HSMs.</li>
<li>Your data and IP are never exposed in plain text except on your systems or systems we physically control.</li>
<li>Everyone on our team has hardware-backed PGP keys to encrypt documents and emails if you prefer.</li>
</ul>
<br />
<h4>Freedom</h4>
<ul>
<li>We feel every customer has a path to not need us anymore, and we will encourage it.</li>
<li>We exclusively use Open Source internally and help make improvements when needed.</li>
<li>All general purpose security tools and research we create is Open Source by default.</li>
<li>We ensure you have a free path to replicate any of our findings yourself.</li>
<li>We will always favor solutions that minimize lock-in with third parties.</li>
</ul>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

102
_layouts/company.html Normal file
View File

@ -0,0 +1,102 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<section style="margin-top: 170px">
<div class="video-background-container">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/globe.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/globe.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<br>
<br>
<div class="about-special video-content" style="max-width: 700px">
<br>
<h2>the world is built on blind trust. we are here to change that.</h2>
<br>
<br>
<br>
<p class="hero-p">Too often, security is an afterthought—based on dogma, checklists, and outdated best practices. Distrust was founded to redefine security by developing new methods to eliminate single points of failure, and building systems in a manner where they don't need to be blindly trusted.
</p>
<p class="hero-p">We dont just advise on security. We build it. We open-source it. And we teach organizations how to think critically about risk—because security isnt about checking boxes.
</p>
<a href="/roadmap.html" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</section>
<section class="flex-container who-we-are-section">
<div class="team flex-container-inner">
<div class="team flex-container" style="margin-bottom: 0px">
<div class="flex-container-inner card">
<h5>Lance Vick</h5>
<p>Co-Founder</p>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/6B61ECD76088748C70590D55E90A401336C8AAA9">PGP: 36C8AAA9</a>
</div>
<div class="flex-container-inner card">
<h5>Anton Livaja</h5>
<p>Co-Founder</p>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D">PGP: 52E0BA4D</a>
</div>
</div>
<div class="flex-container">
<div class="flex-container-inner card">
<h5>Ryan Heywood</h5>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/88823A75ECAA786B0FF38B148E401478A3FBEF72">PGP: A3FBEF72</a></p>
</div>
<div class="flex-container-inner card">
<h5>Danny Grove</h5>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD">PGP: 193F2DBD</a>
</div>
</div>
</div>
<div class="flex-container-inner who-we-are">
<h2 class="gradient-text">who we are</h2>
<p class="hero-p" style="max-width: 550px">Distrust is made up of engineers behind some of the most security-critical projects in the world—including BitGo, Turnkey, and Unit410.</p>
<p class="hero-p" style="max-width: 550px">Weve helped hundreds of companies by conducting security reviews, building out their security infrastructure, and aiding them in launching products which can withstand the modern threat landscape. We dont just secure systems. We build them.</p>
<div class="button-container">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</div>
</section>
<section class="flex-container tall-section">
<div class="flex-container-inner">
<h2 class="gradient-text">our manifesto</h2>
<p class="hero-p">Every day, we apply these guiding principles to how we think, build, and secure systems.</p>
</div>
<div class="flex-container-inner">
<ol dir="rtl" style="font-size: 30px; text-align: right">
<li>eliminate centralized trust</li>
<li>open source everything</li>
<li>security beyond compliance</li>
<li>move thoughtfully and improve things</li>
<li>impact over profit</li>
</ol>
</div>
</section>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

100
_layouts/contact.html
View File

@ -1,92 +1,89 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<h2>What are your biggest security challenges?</h2>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<h3>Contact us to take your security posture to the next level.</h3>
<p>We look forward to learning about your project and helping you bolster your security program.</p>
<h4>Meet The Team</h4>
<p>Lance Vick | <a mailto="lance@distrust.co">lance@distrust.co</a> | <a href="https://keys.openpgp.org/vks/v1/by-fingerprint/6B61ECD76088748C70590D55E90A401336C8AAA9">PGP</a></p>
<p>Ryan Heywood | <a mailto="ryan@distrust.co">ryan@distrust.co</a> | <a href="https://keys.openpgp.org/vks/v1/by-fingerprint/88823A75ECAA786B0FF38B148E401478A3FBEF72">PGP</a></p>
<p>Danny Grove | <a mailto="danny@distrust.co">danny@distrust.co</a> | <a href="https://keys.openpgp.org/vks/v1/by-fingerprint/C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD">PGP</a></p>
<p>Anton Livaja | <a mailto="anton@distrust.co">anton@distrust.co</a> | <a href="https://keys.openpgp.org/vks/v1/by-fingerprint/F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D">PGP</a></p>
<p>Shane Engleman | <a mailto="shane@distrust.co">shane@distrust.co</a> | <a href="https://keys.openpgp.org/vks/v1/by-fingerprint/3D7C8D39E8C4DF771583D3F0A8A091FD346001CA">PGP</a></p>
<section class="capsule-header">
<div class="center">
<div class="capsule">contact</div>
</div>
<br>
<h2 class="gradient-text center contact-header">tell us about your biggest security challenges</h2>
</section>
<section class="flex-container" style="margin-top: 80px">
<div class="flex-container-inner">
<div class="form-container">
<div class="form-container card">
<form onsubmit="return validateForm()" action="/submit-email" method="post">
<div class="form-flex-container">
<div>
<label for="name" class="form-label">Name</label>
<label for="name" class="form-label">Your name</label>
<input type="text" id="name" name="name" class="form-input">
</div>
</div>
<label for="email" class="form-label required">Email</label>
<input type="email" id="email" name="email" class="form-input" required>
<label for="email" class="form-label required">Your email</label>
<input placeholder="Enter your business email..." type="email" id="email" name="email" class="form-input" required>
<label for="company-name" class="form-label">Company Name</label>
<label for="company-name" class="form-label">Company name</label>
<input type="text" id="company-name" name="company-name" class="form-input">
<label for="service" class="form-label required">Service You Are Interested In</label>
<label for="service" class="form-label required">What service are you interested in?</label>
<select id="service" name="service" class="form-select" required>
<option value="" disabled selected>Select option</option>
<option value="digital-asset-custody">Digital Asset Custody (threat modelling, design,
tooling,
system architecture, security assessments)</option>
<option value="blockchain-security">Blockchain Security (smart contracts, system
architecture
design)</option>
<option value="software-security-assessment">Software Security Assessment (penetration
tests, code
reviews, threat modelling, system architecture design, infrastructure hardening,
operating
system etc.)</option>
<option value="engineering">Engineering (tooling development, devops engineering)
</option>
<option value="software-security-assessment">Security assessment</option>
<option value="retained">Retainer / Fractional CISO</option>
<option value="engineering">Software engineering</option>
<option value="digital-asset-custody">Digital asset custody</option>
<option value="general-inquiry">General inquiry</option>
</select>
<label for="help" class="form-label required">How can we help?</label>
<textarea id="help" name="help" class="form-textarea" required></textarea>
<label for="hear-about" class="form-label">How did you hear about Distrust?</label>
<select id="hear-about" name="hear-about" class="form-select" onchange="toggleOtherField()">
<option value="" disabled selected>Select option</option>
<option value="referral">Referral</option>
<option value="social-media">Social Media</option>
<option value="audit-report">Audit Report</option>
<option value="other">Other</option>
</select>
<div id="other-field" style="display:none;">
<input type="text" id="other-source" name="other-source" class="form-input" placeholder="Please specify">
</div>
<!-- TODO: add captcha of some sort -->
<button type="submit" class="form-submit-button">Submit</button>
<button type="submit" class="contact-button">Submit</button>
<p class="center submit-policy">We respect your privacy. The information you provide will only be used to respond to your inquiry and will never be shared externally.</p>
</form>
</div>
</div>
</section>
<section style="margin-bottom: 0px">
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>
</main>
<br />
{%- include footer.html -%}
</div>
</body>
</body>
<script>
<script>
function toggleOtherField() {
var hearAbout = document.getElementById('hear-about').value;
var otherField = document.getElementById('other-field');
@ -114,6 +111,5 @@
}
return true;
}
</script>
</script>
</html>

248
_layouts/landing.html
View File

@ -1,189 +1,105 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<section class="flex-container">
<div class="video-background-container">
<video autoplay muted loop playsinline style="left: 85%; width: 200px !important" class="video-background">
<source src="assets/videos/landing-globe.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/landing-globe.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container video-content landing-page-header">
<div class="flex-container-inner">
<div class="text-well">
<h2>Understand and mitigate security threats others won't see coming.</h2>
<p>We believe security compromises to your systems and personnel are <b>inevitable</b>. Allow our team of experienced security engineers to help you reduce the likelihood and impact of risks by thinking from first principles.</p>
<h1 class="gradient-text hero-header landing-header">security without blind trust</h1>
<p class="hero-p" style="margin-top: 0px">Distrust applies a first principles approach to securing mission critical infrastructure. No guessing, no shortcuts, only verifiable security.</p>
<br />
<a href="/contact.html" class="mega button">Free Consultation</a>
<a href="/contact.html" class="mega button">Work with us</a>
<br />
</div>
</div>
<div class="flex-container-inner carousel-container">
<div id="carousel"></div>
<div class="flex-container-inner">
</div>
</section>
<section class="mid-tall-section">
<div class="flex-container-inner">
<div class="text-well center">
<h4 class="carousel-title" >trusted by industry leaders</h4>
</div>
</div>
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>
<section>
<div class="center">
<div class="capsule">what we do</div>
</div>
<br>
<div style="margin-left: 10px; font-size: 14px">
<a style="color: rgb(73, 73, 73)" href="../assets/js/carousel-items.json">Full list of articles</a>
<h3 class="gradient-text center">our services today, our vision for tomorrow</h3>
<br>
<div class="flex-container">
<a href="/services.html" class="arrow-link">
<div class="flex-container-inner card">
<div class="text-well">
<h4>services</h4>
<p>We dont just assess risks—we eliminate them. Our first principles approach removes single points of failure, protects mission-critical systems, and ensures verifiable security. Whether you need a full audit, architecture review, incident response, or ongoing retained support we have you covered.</p>
<br>
Learn more
<span class="arrow">&#x2192;</span>
</div>
</div>
</a>
<a href="/roadmap.html" class="arrow-link">
<div class="flex-container-inner card roadmap-card roadmap-card-teal" style="background: #00191E; border: 1px solid #01586A">
<div class="text-well">
<h4>roadmap</h4>
<p>Security is always evolving—so are we. Distrust is building the next generation of security infrastructure that eliminates reliance on any single computer, person, or system. Using full-source bootstrapping, determinism, and quorum-based security, we ensure verifiable, trustless protection at every layer.</p>
<br>
View roadmap
<span class="arrow">&#x2192;</span>
</div>
</div>
</a>
</div>
</section>
<section class="">
<div class="flex-container-inner">
<div class="text-well">
<h2>We specialize in working with high risk clients.</h2>
<p>If you protect valuable assets or data, or provide software to others that do, your adversaries will not play fair. We want to help you protect your team and users, and remove single points of failure in your stack.</p>
</div>
</div>
<br />
<div class="flex-container-inner">
<div class="companies">
<div>
<a href="https://coinbase.com">
<img style="height: 30px" src="assets/base/companies/coinbase-white.svg" />
</a>
</div>
<div>
<a href="https://bitgo.com">
<img src="assets/base/companies/bitgo-logo-white.svg" />
</a>
</div>
<div>
<a href="https://bishopfox.com">
<img style="height: 30px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);" src="assets/base/companies/bishop-fox-dark.png" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="http://www.falconx.io/">
<img style="height: 20px" src="assets/base/companies/falconx-white.svg" />
</a>
</div>
<div>
<a href="http://www.turnkey.io/">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" />
</a>
</div>
<div>
<a href="https://exodus.com">
<img src="assets/base/companies/exodus-white.svg" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="https://siderolabs.com">
<img style="height: 60px" src="assets/base/companies/sidero-labs-white.png" />
</a>
</div>
<div>
<a href="https://zoom.com">
<img style="height: 35px;" src="assets/base/companies/zoom-white.png" />
</a>
</div>
<div>
<a href="https://mystenlabs.com">
<img style="height: 25px" src="assets/base/companies/mysten-labs-white.svg" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="http://www.ankr.com/">
<img style="height: 75px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);" src="assets/base/companies/ankr.png" />
</a>
</div>
<div>
<a href="http://www.hashicorp.io/">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" />
</a>
</div>
<div>
<a href="http://www.b1.com/">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="http://www.ledn.io/">
<img src="assets/base/companies/ledn-white.svg" />
</a>
</div>
<div>
<a href="https://fitbit.com">
<img src="assets/base/companies/fitbit-white.png" />
</a>
</div>
<div>
<a href="https://dfns.co">
<img src="assets/base/companies/dfns-color.png" />
</a>
</div>
</div>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>
<section class="">
<div class="flex-container-inner" style="align-items: baseline">
<div class="text-well">
<h1>Services</h1>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, want to create or improve an open source security tool, or want to focus on assessing a specific aspect of your organization or system - we are here to help. Our experienced staff will collaborate closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
<div class="button-container">
<a class="button" href="/services.html">Learn more</a>
<a href="/contact.html" class="mega button">Free Consultation</a>
</div>
</div>
</div>
<div class="flex-container-inner">
<div class="">
<br />
<hr />
<br />
</div>
<div class="text-well">
<h3>Security Assessment</h3>
<p>We offer full stack security assessments, covering anything that is in scope for a sophisticated adversary, such as compromising a third party library, bribing a devops engineer, finding a oversight in your code, or otherwise. While we will point out specific flaws we find, we feel we offer the most value in helping you identify where you can make strategic improvements to your architecture to take entire classes of risk off the table.</p>
</div>
<br />
<hr />
<br />
<div class="text-well">
<h3>Security Engineering</h3>
<p>Our team is comprised of security engineers with past lives as full time system administrators and software engineers. We have extensive first hand experience in implementing custom security defenses for high risk organizations. We are happy to get as deep into the weeds planning new defense strategies as you like, from Linux kernel hardening, to supply chain signing, to code quality, library choices, and beyond.</p>
</div>
<br />
<hr />
<br />
<div class="text-well">
<h3>Retained Security Support</h3>
<p>We offer monthly retainer contracts to augment your existing security team with access to our combined experience as needed. You can drop questions to our team in a chat, or include us in security-relevant meetings. Almost anything an in-house security team might do to protect your organization is in scope for us as well, including qualifying candidates, conducting interviews, reviewing code, evaluating third party risks, or being a security voice in the room when you are planning new products.</p>
</div>
<br />
<hr />
<br />
<div class="text-well">
<h3>Research & Development</h3>
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique situations. If we are doing public work you would like to see more of, or that -almost- meets your needs, we would love to hear that and figure out a path to see your needs met.</p>
</div>
</div>
<div class="button-container">
<a href="/contact.html" class="mega button">Free Consultation</a>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</body>
</html>

503
_layouts/roadmap.html Normal file
View File

@ -0,0 +1,503 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<div class="video-background-container">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/turq-blocks.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/turq-blocks.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container capsule-header video-content" style="margin-top: 80px">
<div class="flex-container-inner" style="padding-top: 0px">
<div class="text-well center">
<div class="capsule-teal">roadmap</div>
<br>
<h1 style="max-width: 1000px; margin: auto">verifiable security without single points of failure</h1>
<br>
<p class="hero-p center">Most systems still rely on single individuals or computers, unverifiable software, and opaque processes. Were redesigning security for transparency from the ground up.</p>
<div class="button-container center">
<a href="#roadmap" class="mega-teal button">View roadmap</a>
</div>
</div>
</div>
</section>
<section class="flex-container mid-tall-section">
<div class="flex-container-inner">
<h3>creating the building blocks for provable security</h3>
<p class="hero-p">Modern software systems still rely on trust in individuals—maintainers, IT admins, or third-party providers. But what happens when they are compromised? How do you verify that the software running on your systems hasnt been tampered with?</p>
<p class="hero-p">Weve identified critical missing pieces needed to remove single points of failure at every level. Our approach covers the complete lifecycle of software from your toolchains and dependencies to how your code is built, signed, verified and deployed.</p>
<p class="hero-p">By combining multi-party trust, remote attestation, and bit-for-bit reproducibility, we are methodically eliminating trust assumptions, ensuring security isnt just a claim—its provable.</p>
<a href="#roadmap" class="arrow-link">
See what we're building
<span class="arrow">&#x2192;</span>
</a>
</div>
<div class="flex-container-inner"></div>
</section>
<span class="roadmap" id="roadmap">
<h2 class="center gradient-text">our roadmap</h2>
<p style="margin-top: 20px" class="hero-p center">We are actively working on a number of different projects, and looking to fund others. Here is what's on the way and what's coming next.</p>
<section id="sourceid" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">SourceId</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">source code integrity</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>SourceId ensures that source code integrity is verifiable. It prevents tampering of archives and other formats used for delivering source code by standardizing code and generating a hash-based fingerprint of the tree which includes all essential files.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/sourceid" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="sigrev" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">SigRev</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">crowdsourced code review</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>SigRev is a crowdsourcing framework extending SourceID with signed code reviews. It enhances open-source security by making comprehensive manual reviews discoverable, overcoming the limitations of static analysis tools.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/sigrev" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="stagex" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">StageX</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">deterministic reproducibility</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>StageX is a hermetic, deterministic and reproducible toolchain providing multi-signed OCI images for popular software. This approach removes single points of failure in sofware builds.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://codeberg.org/stagex/stagex" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="repros" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">ReprOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">ephemeral build environments</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>ReprOS is a bare-bones immutable OS designed for securely reproducing and signing software. Each build is executed in a one-time use environment, eliminating persistent risks.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://codeberg.org/stagex/repros" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="keyfork" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Keyfork</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">deterministic key management</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>Keyfork simplifies cryptographic material management by deriving any number or type of keys from a single entropy source. This greatly simplifies secret management complexity while maintaining security.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/keyfork" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="icepick" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Icepick</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">cryptographic operations</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>Icepick provides a framework for offline verified cryptographic signing operations. Its modular design provides a unified interface for a wide range of cryptographic signing tasks.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/keyfork" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="airgapos" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">AirgapOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">air-gapped OS</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>AirgapOS is a minimal, immutable offline first environment for secret management. It ships with a swiss-army knife of tools and an extensibility framework to cover most secure administration needs.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#icepick">
<div class="capsule-transparent">Icepick</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/airgap" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="bootproof" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Bootproof</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">remote attestation</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>Bootproof provides a way to prove what software booted on a given system by leveraging platform hardware or firmware remote attestation technologies.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/bootproof" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="enclaveos" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">EnclaveOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">trusted execution environments</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>EnclaveOS is a minimal and immutable operating system for running security critical software with high accountability. It can be extended to support multi-party management of secrets such that no person can control them alone.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/enclaveos" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="vault" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Vault</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">prescriptive key management</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>Detailed set of practices, ceremonies and documentation for generating, backing up and using secrets that you can't afford to lose. Combines the best of tactics of major custodians as an open framework available for everyone.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#airgapos">
<div class="capsule-transparent">AirgapOS</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#icepick">
<div class="capsule-transparent">Icepick</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://qvs.distrust.co/" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
</span>
<section class="flex-container">
<div class="flex-container-inner"></div>
<div class="flex-container-inner">
<h4 class="quote" style="filter: brightness(50%)">❝Our mission is to use our knowledge to improve the security, privacy, and freedom of as many individuals as possible. We believe having verifiable foundations on which technologies can be built is a fundamental step toward improving the wellbeing of our species and solving the coordination problem.❝ — Distrust team</h4>
</div>
</section>
<section style="margin-bottom: 0px;" class="flex-container">
<div class="flex-container-inner">
<h2 class="powered-header gradient-text center">powered by distrust</h2>
<p class="hero-p center" style="margin-top: 20px; max-width: 700px">Companies are already choosing to adopt our methodologies and tooling to help secure their systems.<p>
</div>
</section>
<section style="margin-top: 40px;" class="flex-container powered-by">
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/turnkey-black.svg" style="filter: invert(100)">
<p>Using StageX and ReprOS to improve their supply chain security story.</p>
<a href="https://whitepaper.turnkey.com/foundations#abstract" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/mysten-labs-white.svg" style="width: 250px">
<p>The SUI cryptocurrency is leveraging StageX to build their nodes in a deterministic manner in order to eliminate single points of failure.</p>
<a href="https://github.com/MystenLabs/sui/issues/13476" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/sidero-labs-white.png" style="filter: grayscale(); width: 150px">
<p>Using StageX to build their widely used Talos Linux distribution specialized in delivering kubernetes features.</p>
<a href="https://github.com/siderolabs/talos/releases/tag/v1.10.0-alpha.2" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">want to help with our vision?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">If you would like to help us, please sponsor our work or get involved as a contributor.</p>
<div class="button-container center">
<a href="/contact.html" class="mega-teal button">Get in touch</a>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

157
_layouts/services.html
View File

@ -1,95 +1,130 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<section class="flex-container">
<div class="video-background-container" style="top: 350px">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/swirly-lines.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/swirly-lines.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container capsule-header video-content">
<div class="flex-container-inner">
<div class="text-well">
<h2>How can we help you?</h2>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, want to create or improve an open source security tool, or want to focus on assessing a specific aspect of your organization or system - we are here to help. Our experienced staff will collaborate closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
<div class="text-well center">
<div class="text-well" style="text-align: center; margin: auto">
<div class="capsule">services</div>
</div>
<br>
<h1 class="services-header hero-title gradient-text hero-header">
hire Distrust to solve your hardest security challenges
</h1>
<br>
<p class="hero-p center">Built by engineers behind BitGo, Unit410, and Turnkey, we apply hard-earned lessons from securing critical infrastructure to build transparent, resilient, and universally applicable security solutions.</p>
<div class="button-container">
<a href="/contact.html" class="mega button">Free Consultation</a>
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</div>
</div>
<div class="flex-container-inner">
</div>
</section>
<section class="flex-container">
<section class="flex-container mid-tall-section">
<div class="flex-container-inner">
<div class="text-well">
<h3>Security Assessment</h3>
<p>We offer full stack security assessments, covering anything that is in scope for a sophisticated adversary, such as compromising a third party library, bribing a devops engineer, finding an oversight in your code, or otherwise. While we will point out specific flaws we find, we feel we offer the most value in helping you identify where you can make strategic improvements to your architecture to take entire classes of risk off the table.</p>
</div>
</div>
<div class="flex-container-inner">
<h3>security assessments</h3>
<p style="max-width: 540px">Our assessments go beyond identifying vulnerabilities—we strategically eliminate risks at their source. Using a first-principles methodology, we pinpoint single points of failure and deliver clear, actionable recommendations to secure your systems against sophisticated threats.</p>
<ul>
<li>Penetration Testing</li>
<li>Secure Code Review</li>
<li>Cloud Configuration Review</li>
<li>Threat Modeling</li>
<li>Secure architecture review</li>
<li>Threat modeling</li>
<li>Penetration testing</li>
<li>Secure code review</li>
</ul>
<br>
<a href="/contact.html" class="arrow-link">
Schedule an assessment
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well">
<h3>retainer or fractional CISO</h3>
<p style="max-width: 540px">Gain continuous, high-level security leadership tailored precisely to your organization's needs. We work closely with your teams, providing strategic security direction, eliminating blind trust, and protecting critical infrastructure from sophisticated threats.</p>
<ul>
<li>Security program development</li>
<li>Incident response</li>
<li>Due diligence</li>
<li>Vetting security talent</li>
</ul>
<br>
<a href="/contact.html" class="arrow-link">
Work with us
<span class="arrow">&#x2192;</span>
</a>
</div>
</section>
<section class="flex-container">
<div class="flex-container-inner"></div>
<div class="flex-container-inner">
<div class="text-well">
<h3>Security Engineering</h3>
<p>Our team is comprised of security engineers with past lives as full time system administrators and software engineers. We have extensive first hand experience in implementing custom security defenses for high risk organizations. We are happy to get as deep into the weeds planning new defense strategies as you like, from Linux kernel hardening, to supply chain signing, to code quality, library choices, and beyond.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Secure Code Development</li>
<li>Cryptocurrency Custodial Solutions</li>
<li>Quorum Authentication Design and Implementation</li>
<li>Cryptographic Key Escrow / Signer</li>
<li>Reproducible / Deterministic Builds</li>
<li>Production Engineering Practice</li>
<h2 class="gradient-text why-distrust">why Distrust?</h2>
<p>
Why choose Distrust? Because security shouldn't be based on blind trust, it should be based on <b>dis</b>trust, and verifiability. Most organizations treat cybersecurity like people once treated hygiene—poorly.
</p>
<p>At Distrust, we've identified fundamental methods to eliminate entire categories of risk at their source. Similarly to how handwashing revolutionized public health by preventing unseen threats like bacteria, our first-principles security methodology brings new levels of security to our clients by eliminating single points of failure, and providing verifiable, resilient protection for critical systems.
</p>
<ul class="narrow-list">
<li><b>First-principles security</b> 
<p>Attack surface area reduction through eliminating root causes.</p>
</li>
<li><b>Proven methodology</b>
<p>Methodology tested in high-stakes, mission-critical environments.</p>
</li>
<li><b>Seamless collaboration</b>
<p>Clear, actionable engagement steps—start immediately.</p>
</li>
</ul>
</div>
</section>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Retained Security Support</h3>
<p>We offer monthly retainer contracts to augment your existing security team with access to our combined experience as needed. You can drop questions to our team in a chat, or include us in security-relevant meetings. Almost anything an in-house security team might do to protect your organization is in scope for us as well, including qualifying candidates, conducting interviews, reviewing code, evaluating third party risks, or being a security voice in the room when you are planning new products.</p>
<section class="">
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Security Program Development</li>
<li>General Security Consulting</li>
<li>Assistance With Hiring Security Talent</li>
<li>Business Continuity Planning</li>
<li>Physical Security</li>
</ul>
</div>
</section>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Research</h3>
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique needs. If we are doing public work you would like to see more of, or that <i>almost</i> meets your needs, we would love to hear from you and figure out a path to see your needs met.</p>
</div>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</body>
</html>

122
_layouts/tools.html
View File

@ -1,122 +0,0 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h2>Tools</h2>
<p>Distrust develops open source tooling to help make the internet a safer place!</p>
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique needs. If we are doing public work you would like to see more of, or that <i>almost</i> meets your needs, we would love to hear from you and figure out a path to see your needs met.</p>
</div>
</div>
<div class="flex-container-inner">
</div>
</section>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>AirgapOS</h3>
<a href="https://git.distrust.co/public/airgap" target="_blank" rel="noopener noreferrer">https://git.distrust.co/public/airgap</a>
<p>A live buildroot based Linux distribution designed for managing secrets offline.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Deterministic binary verification</li>
<li>Small footprint (< 100MB)</li>
<li>Immutable and diskless</li>
<li>Network drivers removed</li>
</ul>
</div>
</section>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Keyfork</h3>
<a href="https://git.distrust.co/public/keyfork" target="_blank" rel="noopener noreferrer">https://git.distrust.co/public/keyfork</a>
<p>An opinionated and modular toolchain for generating and managing a wide range of cryptographic keys offline and on smartcards from a shared bip39 mnemonic phrase..</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>BIP39 style key derivation from OS or hardware entropy</li>
<li>Sharding mechanism allows "M-of-N" recovery</li>
<li>Built deterministically</li>
<li>Intended for use with air-gapped systems</li>
</ul>
</div>
</section>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>StageX</h3>
<a href="https://codeberg.org/stagex/stagex" target="_blank" rel="noopener noreferrer">https://codeberg.org/stagex/stagex</a>
<p>Minimalism and security first repository of reproducible and multi-signed OCI images of common open source software toolchains full-source bootstrapped from Stage 0 all the way up.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Fully verifiable and deterministic build toolchain</li>
<li>Deterministic packages of commonly used software (rust, go, openssl, curl and many more)</li>
<li>Flexible drop in replacement for existing software</li>
<li>Available on <a href="https://hub.docker.com/u/stagex" target="_blank" rel="noopener noreferrer">dockerhub</a></li>
</ul>
</div>
</section>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>EnclaveOS</h3>
<a href="https://git.distrust.co/public/enclaveos" target="_blank" rel="noopener noreferrer">https://git.distrust.co/public/enclaveos</a>
<p>A minimal, immutable, and deterministic Linux unikernel build system targeting various Trusted Execution Environments for use cases that require high security and accountability.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Immutable: Root filesystem is a CPIO filesystem extracted to a RamFS at boot</li>
<li>Minimal: < 5MB footprint and nothing is included but a kernel and your target binary by default</li>
<li>Deterministic: multiple people can reproduce the build and verify its integrity</li>
<li>Hardened: No TCP/IP network support, most unnecessary kernel features disabled and follows <a href="https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project" target="_blank" rel="noopener noreferrer">Kernel Self Protection Project</a> recommendations</li>
</ul>
</div>
</section>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>git-sig</h3>
<a href="https://git.distrust.co/public/git-sig" target="_blank" rel="noopener noreferrer">https://git.distrust.co/public/gitsig</a>
<p>The simple multisig toolchain for git repos.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Attach any number of signatures to any given git ref</li>
<li>Verify git history contains a minimum threshold of unique commit signatures</li>
<li>Verify signatures belong to a defined GPG alias group</li>
<li>Verify code changes made since last time minimum valid signatures were present</li>
</ul>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

15
_sass/_dark.scss
View File

@ -8,12 +8,23 @@
--border: solid 2px rgba(219, 219, 219, 0.9);
--selection-background: rgba(219, 219, 219, 0.99);
--selection-text: #000;
--background-color: #141414;
--background-color: #0F0F0F;
--text-color: var(--base-color);
--placeholder-color: rgba(0, 0, 0, 0.5);
--link-color: var(--base-color);
/* yoinkt from Material Design 2014, Deep Purple A200 */
--mega-color: #7c4dff;
--purple: #7C4DFF;
--light-purple: #A998ED;
--mid-purple: #473C68;
--dark-purple: #241846;
--light-teal: #6DD4F1;
--mid-teal: #02CAF2;
--dark-teal: #01586A;
--void-teal: #00191E;
--pink: #F048B5;
--light-grey: #9A9A9A;
--mid-grey: #292929;
--dark-grey: #120F1A;
--code-color-1: #aaaaaa;
--code-color-2: #ffffcc;
--code-color-3: #F00000;

2
_sass/_light.scss
View File

@ -12,6 +12,8 @@
--text-color: var(--base-color);
--placeholder-color: var(--base-color);
--link-color: var(--base-color);
--dark-purple: #241846;
--light-purple: #7952EB;
--code-color-1: #aaaaaa;
--code-color-2: #ffffcc;
--code-color-3: #F00000;

907
_sass/base.scss
View File

File diff suppressed because it is too large Load Diff

5
about.md
View File

@ -1,5 +0,0 @@
---
title: About
layout: about
permalink: /about.html
---

BIN
assets/base/company-thumbnail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 360 KiB

BIN
assets/base/distrust-thumbnail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 13 KiB

BIN
assets/base/landing-thumbnail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 361 KiB

BIN
assets/base/roadmap-thumbnail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 453 KiB

BIN
assets/base/services-thumbnail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 281 KiB

BIN
assets/fonts/Inter-VariableFont_opsz,wght.ttf Normal file
View File

Binary file not shown.

25
assets/js/main.js
View File

@ -10,6 +10,7 @@ collapsibleButton.addEventListener("click", function () {
});
document.addEventListener('DOMContentLoaded', function () {
initializeCompaniesCarousel();
fetch('../assets/js/carousel-items.json')
.then(response => response.json())
.then(data => {
@ -63,3 +64,27 @@ function initializeCarousel() {
updateCarouselItems();
setInterval(cycleItems, 7000);
}
function initializeCompaniesCarousel() {
const slider = document.getElementById('logoSlider');
// Duplicate the existing logos by appending the same HTML again:
slider.innerHTML += slider.innerHTML;
let offset = 0;
const speed = 0.5;
function animate() {
offset -= speed;
slider.style.transform = `translateX(${offset}px)`;
// After half of the total (2 sets) is scrolled, reset
if (Math.abs(offset) >= slider.scrollWidth / 2) {
offset = 0;
}
requestAnimationFrame(animate);
}
requestAnimationFrame(animate);
}

BIN
assets/videos/globe.mp4 Normal file
View File

Binary file not shown.

BIN
assets/videos/globe.webm Normal file
View File

Binary file not shown.

BIN
assets/videos/landing-globe.mp4 Normal file
View File

Binary file not shown.

BIN
assets/videos/landing-globe.webm Normal file
View File

Binary file not shown.

BIN
assets/videos/swirly-lines.mp4 Normal file
View File

Binary file not shown.

BIN
assets/videos/swirly-lines.webm Normal file
View File

Binary file not shown.

BIN
assets/videos/turq-blocks.mp4 Normal file
View File

Binary file not shown.

BIN
assets/videos/turq-blocks.webm Normal file
View File

Binary file not shown.

7
company.md Normal file
View File

@ -0,0 +1,7 @@
---
title: Company
tagline: Distrust | Company
layout: company
permalink: /company.html
thumbnail: /assets/base/company-thumbnail.png
---

1
contact.md
View File

@ -1,5 +1,6 @@
---
title: Contact
tagline: Distrust | Contact
layout: contact
permalink: /contact.html
---

2
index.md
View File

@ -1,5 +1,7 @@
---
title: Home
tagline: Distrust | Home
layout: landing
permalink: /index.html
thumbnail: /assets/base/landing-thumbnail.png
---

8
roadmap.md Normal file
View File

@ -0,0 +1,8 @@
---
title: Roadmap
tagline: Distrust | Roadmap
summary: Open source tools for verifiable security
layout: roadmap
permalink: /roadmap.html
thumbnail: /assets/base/roadmap-thumbnail.png
---

3
services.md
View File

@ -1,5 +1,8 @@
---
title: Services
tagline: Distrust | Services
layout: services
summary: Hire Distrust to solve your hardest security challenges
permalink: /services.html
thumbnail: /assets/base/services-thumbnail.png
---

5
tools.md
View File

@ -1,5 +0,0 @@
---
title: Tools
layout: tools
permalink: /tools.html
---