Securing software supply chains isn’t easy technically. But you already knew that. Many new security programs and projects, such as Sigstore, Supply-Chain Levels for Software Artifacts (SLSA, pronounced “salsa”), and Software Bill of Materials…Read More