-
see: https://github.com/slsa-framework/slsa-github-generator/blob/3d27f18a67e12a251517ca9af35771a93da39526/internal/builders/generic/README.md
see: https://security.googleblog.com/2022/04/improving-so…
-
## Description
To improve supply-chain security and license compliance for the software embedded in a component, we should incorporate a software bill-of-materials (BOM) in the component definition…
-
https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/
-
### Type
Suggestions for Improvement
### What would you like to report?
**Context**
One of the parts of the supply chain in modern ML systems is MLOps software - like MLFlow, Prefect et…
mik0w updated
5 months ago
-
Set the structure of the site according to the following table of contents.
Include existing sections in the corresponding chapters.
1. Introduction (To be defined)
2.0 Open Source Software Funda…
-
**Describe the problem/challenge you have**
Currently, the artefacts produced by the different Carvel projects (binaries, images, bundles) are not signed. It would be nice if they were all signed t…
-
Updated AWS public resources here reference IRAP/ISM and would improve guidance
https://aws.amazon.com/blogs/security/aws-customer-compliance-guides-now-publicly-available/
Also worth increasi…
adonm updated
5 months ago
-
1. http://greenersoftware.net
2. https://home.greenersoftware.net
-
https://github.com/zayaanra/software-supply-chain-security-hw1/blob/412bbffd6cd857da534e679d9f1bdbfc8ad4a3ea/main.py#L17
-
https://github.com/zayaanra/software-supply-chain-security-hw1/blob/412bbffd6cd857da534e679d9f1bdbfc8ad4a3ea/main.py#L63