Draft Version 1.0 of SLSA Open for Comments - Open Source Security Foundation

Supply-chain Levels for Software Artifacts (SLSA, pronounced “salsa”) is an OpenSSF project that provides specifications for software supply chain security, established by industry consensus. SLSA’s framework is organized into a series of levels that describe increasing security rigor. Version 0.1 of the SLSA specification has been out for some time. We’ve been steadily working in public on updates to SLSA to have a “version 1.0” ready. Now, we have a draft version 1.0, and we’re seeking your final feedback.

OpenSSF on LinkedIn: #oss #ossecurity #slsa #softwaresupplychain #softwaresupplychainsecurity

Bruno Domingues on LinkedIn: #iamintel #banking #financialservices

Vaibhav Paralikar on LinkedIn: Important Things to Know Before

Linux Foundation Newsletter: March 2023

Draft Version 1.0 of SLSA Open for Comments - Open Source Security

OpenSSF on LinkedIn: #oss #ossecurity #slsa #softwaresupplychain #softwaresupplychainsecurity

Draft Version 1.0 of SLSA Open for Comments - Open Source Security Foundation

Planet Mozilla

Bruno Domingues on LinkedIn: 1-Trillion Parameter AI Model Running

OpenSSF on LinkedIn: #oss #ossecurity #slsa #softwaresupplychain #softwaresupplychainsecurity

Securing open source software with Platform One and Canonical