Overview
Learn how to verify SLSA provenance produced by trusted build systems in this 11-minute conference talk from OpenSSF. Explore practical methods for protecting against supply chain security threats including modified source builds, compromised build processes, and tampered package downloads. Discover techniques for continuous assurance of security levels in open source artifacts through detailed explanations from ComplianceCow experts Krithika Venugopal and Raj Krishnamurthy, who demonstrate end-user verification approaches for maintaining software supply chain integrity.
Syllabus
Continuous Assurance of Supply Chain Security Levels of Op... Krithika Venugopal & Raj Krishnamurthy
Taught by
OpenSSF