A proof-of-concept SLSA provenance generator for Buildkite.
-
Updated
Oct 20, 2021 - Go
A proof-of-concept SLSA provenance generator for Buildkite.
Stream, Mutate and Sign Images with AWS Lambda and ECR
A demonstration of how GoReleaser can help us to make software supply chain more secure by using bunch of tools such as cosign, syft, grype, slsa-provenance
Azure DevOps Server development system segmentation best practices
boostsecurityio/supply-chain-research
Deterministic container hashes and container signing using Cosign, Kaniko and Google Cloud Build
Ensignia Provenance Upload Action
A Lifesaver learning app for bronze proficiency level
A demonstration of showing how to use 💃SLSA 3 Generic Generator with GoReleaser to release artifacts while generating signed SLSA provenance
Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.
A Jenkins plugin to create SLSA provenance attestations
SLSA generate and verify provenance demo
A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the web.
Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko generative SBOM, cosign attestation, and SLSA build provenance
Материалы к вебинару «Как выстроить процесс безопасной разработки в Yandex Cloud».
Create SLSA Provenance from nix flake
Add a description, image, and links to the slsa topic page so that developers can more easily learn about it.
To associate your repository with the slsa topic, visit your repo's landing page and select "manage topics."