Celebrating SLSA v1.0: securing the software supply chain for everyone | allinfosecnews.com

April 26, 2023, 3 p.m. | Google (noreply@blogger.com)

Google Online Security Blog security.googleblog.com

Bob Callaway, Staff Security Engineer, Google Open Source Security team

Last week the Open Source Security Foundation (OpenSSF) announced the release of SLSA v1.0, a framework that helps secure the software supply chain. Ten years of using an internal version of SLSA at Google has shown that it’s crucial to warding off tampering and keeping software secure. It’s especially gratifying to see SLSA reaching v1.0 as an open source project—contributors have come together to produce solutions that will benefit …

developers engineer foundation framework google internal open source open source security open source security foundation open source security team openssf organizations project release security security engineer security foundation security team slsa software software supply chain solutions staff supply supply chain supply chains tampering team the open source security foundation version

More from security.googleblog.com / Google Online Security Blog

Prevent Generative AI Data Leaks with Chrome Enterprise DLP 2 weeks ago | security.googleblog.com

ai data businesses can chrome +23

How we built the new Find My Device network with user security and privacy in … 3 weeks, 3 days ago | security.googleblog.com

android android security crowdsourced data +13

Google Public DNS’s approach to fight against cache poisoning attacks 1 month ago | security.googleblog.com

addresses attacks cache cache poisoning +21

Address Sanitizer for Bare-metal Firmware 1 month ago | security.googleblog.com

address android android security area +12

Real-time, privacy-preserving URL protection 1 month, 2 weeks ago | security.googleblog.com

alex amp attackers browsing +20

Vulnerability Reward Program: 2023 Year in Review 1 month, 2 weeks ago | security.googleblog.com

10 million address android security bug +21

Secure by Design: Google’s Perspective on Memory Safety 1 month, 4 weeks ago | security.googleblog.com

Piloting new ways of protecting Android users from financial fraud 2 months, 3 weeks ago | security.googleblog.com

android android security android users apps +19

Improving Interoperability Between Rust and C++ 2 months, 3 weeks ago | security.googleblog.com

amp android announcement back +13

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote

View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US

View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA

View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco

View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700

View on infosec-jobs.com