Cloudsmith is the only universal, cloud-native solution for software artifact management and software supply chain security. Start your free trial today.
SLSA 1.0 is here! What's it mean for you?
Get the latest on SBOMs, OSS security and supply chain security
Webinar Archive
Draft Version 1.0 of SLSA Open for Comments - Open Source Security Foundation
⛓ in-toto and SLSA•🐙Wolfi OS Package Updates•🐳 Docker Builds and Multi-platform• ❌🔑 Keyless Signing for GitLab•💃SLSA v1.0 Release•🚨CNCF SLSA Assessments
SLSA • Supply chain threats
SLSA • Introduction
OpenSSF Tech Talk - Securing the Software Supply Chain: An In-Depth Exploration of SLSA
SLSA • Supply-chain Levels for Software Artifacts
Cloudsmith
What Are Supply Chain Levels for Software Artifacts (SLSA)?
SLSA: The Source of the problem by François Proulx
Figure Out Who's Lurking in Your Supply Chain With Signatures and Attestations
How confident are you with what's really happening inside your CI/CD pipeline? The elements you should be securing, and how