WGHP

Alongside SLSA 1.0 Stable Release & EO 14028 Requirements, ActiveState Deploys Signed Attestations and SBOMs for Complete Provenance

ActiveState enables organizations to achieve Level 3 SLSA compliance through a hardened build service and automatically generated Provenance VANCOUVER, BC, April 26, 2023 /PRNewswire/ -- Today, ...
SDxCentral

OpenSSF give supply chain security a boost with SLSA 1.0

Supply chain security represents a complex challenge for organizations across industries, but it might be getting just a bit easier today with the release of the SLSA (pronounced salsa) 1.0 ...
CSOonline

OpenSSF releases SLSA v1.0, adds software supply chain-specific tracks

SLSA v1.0 has been designed to make the software supply chain security framework more accessible and specific to areas of the software delivery lifecycle. The Open Source Security Foundation (OpenSSF) ...
Dark Reading

Google, GitHub Collaboration Focuses on Securing Code Build Processes

Google and GitHub have been collaborating on a forgery-proof method for signing source code as part of their efforts to secure the software supply chain. Software supply chain security depends on ...
Dark Reading

OpenSSF Adds Software Supply Chain Tracks to SLSA Framework

The Open Source Security Foundation (OpenSSF) has released v1.0 of Supply-chain Levels for Software Artifacts (SLSA) with specific provisions for the software supply chain. Modern application ...