The content on this page was provided by an independent third party and syndicated by XPR Media. Members of the editorial and news staff of the USA TODAY Network were not involved in the creation of this content.

Kusari Brings Enterprise-Grade AI Code Review & Dependency Management to CNCF and OpenSSF Communities

Distributed by EIN Presswire

Kusari Inspector is now free to CNCF and OpenSSF projects, delivering AI-powered dependency, license and security intelligence right in developer pull requests

We built Kusari Inspector to deliver advanced security inside developer workflows. Now maintainers can make confident, informed decisions about contributions without becoming security specialists.”

— Michael Lieberman, Kusari Co-Founder and CTO

RIDGEFIELD, CT, UNITED STATES, March 23, 2026 /EINPresswire.com/ — KUBECON EU AMSTERDAM Stand #1141 — Kusari, a leading innovator in software supply chain security, today announced partnerships with the Cloud Native Computing Foundation (CNCF) and the Open Source Security Foundation (OpenSSF) to make Kusari Inspector available free of charge to CNCF and OpenSSF open source projects.

Open source software underpins more than 90% of modern applications, and project maintainers are stretched thin by the deluge of AI-generated contributions. Plus, most maintainers are not security experts, nor should they have to be, to know what’s risky.

Kusari Inspector is an AI-powered code review and dependency analysis tool that delivers clear go/no-go recommendations via CLI or directly in GitHub pull requests. By surfacing context-aware guidance before changes are merged, Kusari Inspector enables maintainers and contributors to catch and remediate code, dependency, and license compliance risks without slowing development. Open source projects already adopting Kusari Inspector include Gemara, GitTUF, GUAC, in-toto/Witness, OpenVEX, Protobom and Supply-chain Levels for Software Artifacts (SLSA).

“Open source maintainers are balancing an ever-expanding set of responsibilities, and most of them didn’t sign up to be security experts,” said Michael Lieberman, Kusari Co-Founder and CTO. “We built Kusari Inspector to close the gap; delivering advanced security directly inside developer workflows and automating manual risk mitigation tasks. Now maintainers can make confident, informed decisions about contributions without becoming security specialists. Making it available to CNCF and OpenSSF projects is a natural extension of our commitment to the open source ecosystem.”

“The real breakthrough in securing the software supply chain is recognizing that dependency management—especially with the rise of AI-driven contributions—is a fundamentally cloud native challenge,” said Jonathan Bryce, executive director of CNCF. “Kusari Inspector delivers a key, automated layer to this process. It helps our contributors ensure projects remain secure while maintaining the high development velocity that our community demands.”

“OpenSSF has a long history of collaboration with Kusari—from the contribution of GUAC to maintaining OpenSSF Baseline and several upstream initiatives that deliver practical guidance,” said Steve Fernandez, GM of OpenSSF. “Making Kusari Inspector available to our projects helps translate that guidance into actionable security within real-world development workflows.”

The team will showcase Kusari innovations and open source initiatives to attendees at this week’s KubeCon + CloudNativeCon Europe 2026 in Amsterdam at Stand #1141. Maintainers can get started immediately with the Kusari CLI or GitHub App.

About Kusari
Kusari delivers end-to-end software supply chain security, helping organizations understand, secure, and manage risk across everything they build without friction. Powered by comprehensive SBOM analysis, Kusari provides a unified, highly accurate view of direct and transitive dependencies, vulnerabilities, and license risks across open source, AI-generated, and third-party code. Kusari is active in the open source security ecosystem, as a co-creator of GUAC (Graph for Understanding Artifact Composition) and contributor to several CNCF and OpenSSF initiatives. Founded by cybersecurity experts with deep experience in regulated industries, the company is backed by J2 Ventures, Glasswing Ventures, and Unusual Ventures.

Jennifer Pospishek
Kusari
pr_hotline@kusari.dev
Visit us on social media:
LinkedIn

See Kusari Inspector in action finding vulnerable dependencies

Legal Disclaimer:

EIN Presswire provides this news content “as is” without warranty of any kind. We do not accept any responsibility or liability
for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this
article. If you have any complaints or copyright issues related to this article, kindly contact the author above.

Information contained on this page is provided by an independent third-party content provider. XPRMedia and this Site make no warranties or representations in connection therewith. If you are affiliated with this page and would like it removed please contact pressreleases@xpr.media