The Open Source Security Foundation (OpenSSF) is proud to announce the release of version 1.0 of Supply-chain Levels for Software Artifacts (SLSA). SLSA is an OpenSSF project that provides specifications for software supply chain security, established by community expert consensus. The stable release of the SLSA 1.0 Build Track lowers the barrier to entry for improvements, helps you focus efforts on improving your build, and reduces the chances of tampering across a large swath of the supply chain.