WGHP

Alongside SLSA 1.0 Stable Release & EO 14028 Requirements, ActiveState Deploys Signed Attestations and SBOMs for Complete Provenance

ActiveState enables organizations to achieve Level 3 SLSA compliance through a hardened build service and automatically generated Provenance VANCOUVER, BC, April 26, 2023 /PRNewswire/ -- Today, ...
SDxCentral

OpenSSF give supply chain security a boost with SLSA 1.0

Supply chain security represents a complex challenge for organizations across industries, but it might be getting just a bit easier today with the release of the SLSA (pronounced salsa) 1.0 ...
CSOonline

OpenSSF releases SLSA v1.0, adds software supply chain-specific tracks

SLSA v1.0 has been designed to make the software supply chain security framework more accessible and specific to areas of the software delivery lifecycle. The Open Source Security Foundation (OpenSSF) ...
SDxCentral

Google SLSA, Linux Foundation Drops SBOM for Supply Chain Security Boost

Google and the Linux Foundation separately debuted new tools to improve supply chain security, with a specific focus on open source software, as federal agencies work on software-related standards and ...
Dark Reading

Google, GitHub Collaboration Focuses on Securing Code Build Processes

Google and GitHub have been collaborating on a forgery-proof method for signing source code as part of their efforts to secure the software supply chain. Software supply chain security depends on ...
Dark Reading

OpenSSF Adds Software Supply Chain Tracks to SLSA Framework

The Open Source Security Foundation (OpenSSF) has released v1.0 of Supply-chain Levels for Software Artifacts (SLSA) with specific provisions for the software supply chain. Modern application ...
Forbes

Google Heats SLSA ‘Salsa’ For Cooler Software Supply Chains

LONDON - FEBRUARY 03: In this photo illustration the Google logo is reflected in the eye of a girl on February 3, 2008 in London, England. Financial experts continue to evaluate the recent Microsoft ...