SLSA
라이언의 꿀팁백과
Revision as of 00:50, 24 March 2022 (Thu) by Ryanyang (talk | contribs) (new page)
Supply chain Levels for Software Artifacts, or SLSA (pronounced "salsa"), is a security framework: a checklist of standards and controls to prevent tampering, improve integrity, and secure packages and infrastructure in your projects, businesses or enterprises. It’s how you get from safe enough to being as resilient as possible, at any link in the chain. (https://slsa.dev)
There are four levels of assurance in SLSA, from Level 1 to Level 4.
Here is where to start in order to reach SLSA Level 1:
- Automate your builds
- Produce provenance data*
The second task is closely related to the software bill of materials, or SBOM (Link).
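To make "produce provenance data" concrete, here is an added example (not from the original page or the SLSA project) that builds an unsigned in-toto statement with a SLSA v0.2 provenance predicate and then checks an artifact against it. The builder ID, build type, source URI, file name and byte strings are constructed placeholders, and hashing the source bytes with SHA-256 is a simplification.

```python
import hashlib
import json

STATEMENT_TYPE = "https://in-toto.io/Statement/v0.1"
PREDICATE_TYPE = "https://slsa.dev/provenance/v0.2"

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def make_provenance(name, artifact, builder_id, build_type, materials):
    """Describe what was built (subject), by whom (builder) and from what (materials)."""
    return {
        "_type": STATEMENT_TYPE,
        "subject": [{"name": name, "digest": {"sha256": sha256_hex(artifact)}}],
        "predicateType": PREDICATE_TYPE,
        "predicate": {
            "builder": {"id": builder_id},
            "buildType": build_type,
            # Assumption: each material is identified by a SHA-256 of its bytes.
            "materials": [{"uri": u, "digest": {"sha256": sha256_hex(b)}}
                          for u, b in materials.items()],
        },
    }

def verify_artifact(statement, name, artifact, trusted_builders):
    """Return a list of problems; an empty list means the artifact matches."""
    problems = []
    if statement.get("predicateType") != PREDICATE_TYPE:
        problems.append("unexpected predicateType")
    builder = statement.get("predicate", {}).get("builder", {}).get("id")
    if builder not in trusted_builders:
        problems.append("untrusted builder")
    digests = {s.get("name"): s.get("digest", {}).get("sha256")
               for s in statement.get("subject", [])}
    if digests.get(name) != sha256_hex(artifact):
        problems.append("digest mismatch")
    return problems

# Constructed sample inputs (placeholders, not real projects or builders).
ARTIFACT = b"constructed release tarball bytes"
SOURCES = {"git+https://example.com/demo/app@refs/heads/main": b"constructed source"}
BUILDER = "https://example.com/ci/builder@v1"
STATEMENT = make_provenance("app-1.0.tar.gz", ARTIFACT, BUILDER,
                            "https://example.com/ci/buildtype/v1", SOURCES)

if __name__ == "__main__":
    print(json.dumps(STATEMENT, indent=2))
    print(verify_artifact(STATEMENT, "app-1.0.tar.gz", ARTIFACT, {BUILDER}))
    print(verify_artifact(STATEMENT, "app-1.0.tar.gz", ARTIFACT + b"!", {BUILDER}))
```

Because the statement is unsigned, the check only shows that an artifact matches what the provenance records; it does not prove who wrote the provenance.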