-
https://arstechnica.com/information-technology/2023/03/massive-supply-chain-attack-with-ties-to-north-korea-hits-users-of-3cx-voice-app/
We talk about this in the 2023 dbir
-
A number of SW supply chain (SWSC) best practices frameworks have come out of CISA, NIST, and the OpenSSF. This issue tracks the implementation plan for meeting these practices.
Implementing these …
-
Wikipedia references:
* https://en.wikipedia.org/wiki/Information_security
* https://en.wikipedia.org/wiki/Information_security_audit
* https://en.wikipedia.org/wiki/Attribute-based_access_contro…
-
# **Background:**
- As per published [v1.0](https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/tree/main/1_0_vulns) of the OWASP Top 10 for Large Language Model Applica…
-
https://github.com/sigstore/cosign
Supply Chain Security on Amazon Elastic Kubernetes Service (Amazon EKS) using AWS Key Management Service (AWS KMS), Kyverno, and Cosign
https://aws.amazon.com/bl…
-
**What version of Tailwind CSS are you using?**
For example: v3.4.4
**What build tool (or framework if it abstracts the build tool) are you using?**
For example: postcss-cli 8.3.1
**Wh…
-
Supply Chain Security
-
I am just proposing an expanded definition for d3f:SourceCode...
```turtle
:SourceCode a owl:Class,
owl:NamedIndividual,
:ReferenceType ;
rdfs:label "Source Code" ;
sko…
-
As software supply chain is such important and critial, we need to enable SLSA in our Kubebb(especially kubebb/core).
https://slsa.dev/
![image](https://github.com/kubebb/core/assets/30621793/e…
-
Problem: Right now we're storing all of the app's dependencies directly in this repo, which has made it balloon in-size, which is only going to get worse with time.
This issue will track the task t…