all InfoSec news
SLSA Provenance Blog Series, Part 1: What Is Software Attestation
Legit Security Blog www.legitsecurity.com
In this blog series, we will uncover the details of SLSA provenance which refers to the ability to trust the authenticity of artifacts. SLSA (Supply chain Levels for Software Artifacts) is focused on protecting software from source through its deployment by allowing users to make automated decisions about the integrity of the artifacts they use, thereby preventing many possible attacks throughout the supply chain. SLSA is a software supply chain security framework started by Google which today is backed by …
appsec artifacts attestation automated blog deployment integrity protecting provenance series slsa software supply supply chain threats trust uncover what is