-
Follow up for #70
We should include an SBOM field in artifact events.
The first consumer of this field will be guac.sh.
-
using OpenSSF best practices
Also create seccomp & AppArmor profiles for running in containers securely
-
### Summary
Course that covers the steps to create a secure software supply chain to validate the components at each stage in the development lifecycle of a product.
### Outcome
Learners will be…
-
SLSA offers:
- A common vocabulary to talk about software supply chain security
- A way to secure your incoming supply chain by evaluating the trustworthiness of the artifacts you consume
- An ac…
-
Public Sector CNCF Members are seeing Government Customer focus on securing software supply chains and receiving attestations. These attestations need to be signed and have provenance bridge across mu…
-
Source File: [/blog/_posts/2017-11-00-Securing-Software-Supply-Chain-Grafeas.md](https://github.com/kubernetes/website/blob/release-1.16/content/en/blog/_posts/2017-11-00-Securing-Software-Supply-Chai…
-
Implement a Scorecards supply-chain security job within the CI/CD pipeline to systematically evaluate and score the security postures of all dependencies in the software supply chain. This job will ut…
-
Updated AWS public resources here reference IRAP/ISM and would improve guidance
https://aws.amazon.com/blogs/security/aws-customer-compliance-guides-now-publicly-available/
Also worth increasi…
-
## About
> Python in Excel makes it possible to natively combine Python and Excel analytics within the same workbook - with no setup required. With Python in Excel, you can type Python directly int…