
SLSA

라이언의 꿀팁백과

Revision as of 00:50, 24 March 2022 (Thu) by Ryanyang (talk | contribs)

Supply chain Levels for Software Artifacts, or SLSA (pronounced "salsa").


It’s a security framework, a check-list of standards and controls to prevent tampering, improve integrity, and secure packages and infrastructure in your projects, businesses or enterprises. It’s how you get from safe enough to being as resilient as possible, at any link in the chain. (https://slsa.dev)

[Figure: supply chain vulnerabilities]

There are four levels of assurance in SLSA, from Level 1 to Level 4.

[Figure: Levels of Assurance in SLSA]


Here is the first step toward reaching SLSA Level 1.


The second task is closely related to the software bill of materials, or SBOM.