all InfoSec news
Celebrating SLSA v1.0: securing the software supply chain for everyone
Google Online Security Blog security.googleblog.com
Last week the Open Source Security Foundation (OpenSSF) announced the release of SLSA v1.0, a framework that helps secure the software supply chain. Ten years of using an internal version of SLSA at Google has shown that it’s crucial to warding off tampering and keeping software secure. It’s especially gratifying to see SLSA reaching v1.0 as an open source project—contributors have come together to produce solutions that will benefit …
developers engineer foundation framework google internal open source open source security open source security foundation open source security team openssf organizations project release security security engineer security foundation security team slsa software software supply chain solutions staff supply supply chain supply chains tampering team the open source security foundation version