
Surveying Software Supply Chain Security

Chainguard, the co-creator of Sigstore, has conducted a survey to better understand if and how software supply chain best practices are utilized by the industry. We take a look at the findings.

Titled "SLSA++ A Survey of Software Supply Chain Security", it was actually run by a consortium comprising Chainguard, the Eclipse Foundation, the Rust Foundation and the OpenSSF. Suffice it to say that these resounding names put some weight behind it.

It tried to address the following questions: 

  • Is everyone doing software supply chain security, or is everyone just talking about software supply chain security?
  • Do software professionals actually think different software supply chain practices are helpful, easy or difficult? 