Learn how to verify SLSA provenance produced by trusted build systems in this 11-minute conference talk from OpenSSF. Explore practical methods for protecting against supply chain security threats including modified source builds, compromised build processes, and tampered package downloads. Discover techniques for continuous assurance of security levels in open source artifacts through detailed explanations from ComplianceCow experts Krithika Venugopal and Raj Krishnamurthy, who demonstrate end-user verification approaches for maintaining software supply chain integrity.
Continuous Assurance of Supply Chain Security Levels of Open Source Artifacts Using SLSA 0.1
Overview
Syllabus
Continuous Assurance of Supply Chain Security Levels of Op... Krithika Venugopal & Raj Krishnamurthy
Taught by
OpenSSF
Related Courses
-
SLSA - A Supply Chain Security Framework
-
Analyzing Google's SLSA Framework for Securing Software Supply Chains
-
GitHub Supply Chain Security Using GitGat
-
Securing the Software Supply Chain: An In-Depth Exploration of SLSA
-
The Chain of Trust - Towards SLSA L3 with Tekton Trusted Artifacts
-
Open Source Software Supply Chain Security - Understanding Threats and Best Practices
