Cloudsmith is the only universal, cloud-native solution for software artifact management and software supply chain security. Start your free trial today.
Supply Chain Security Begins with Secure Software Development, NCC Group Research Blog
A Practical Guide to the SLSA Framework - FOSSA
SLSA: The Source of the problem by François Proulx
SLSA • Supply-chain Levels for Software Artifacts
SLSA • Supply chain threats
Webinar Archive
SLSA 1.0: Improving Software Supply Chain Security - Cycode
Secure Your Software Supply Chain Using Observability
OpenSSF releases SLSA v1.0, adds software supply chain-specific tracks
SLSA • Supply-chain Levels for Software Artifacts