The software supply chain has emerged as a prime target for cyberattacks in recent years, as evidenced by major incidents like SolarWinds and Log4Shell. To understand how IT teams can get ahead of supply chain threats, I spoke with two founders of Chainguard – Ville Aikas and Kim Lewandowski, at BlackHat 2023. While at Google, Aikas, and Lewandowski were co-creators of two really popular open-source technologies (Sigstore and SLSA, aka “Salsa”).
Supply chain attacks have driven home the risks of third-party software dependencies. But as Chainguard’s founders explained, solutions like Sigstore and the SLSA framework are bringing discipline to securing code provenance and integrity.
This article has been indexed from DZone Security Zone
Read the original article: