Understanding the SLSA Framework

The Supply Chain Levels for Software Artifacts (SLSA) framework is designed to help organizations improve the integrity of their software supply chains, says FOSSA. 

The goal of SLSA, according to the announcement blog post from Google in June 2021, is to “improve the state of the industry, particularly open source, to defend against the most pressing integrity threats. With SLSA, consumers can make informed choices about the security posture of the software they consume.”

This FOSSA article breaks down the various levels of the SLSA framework and provides examples to help organizations meet related requirements. 

Learn more at FOSSA.
