The FOSDEM 2024 presentation 'SBOMs that you can trust: The Good, The Bad and the Ugly' covers SBOM trustworthiness across generation, storage, distribution, and processing using in-toto attestations, SLSA, CAS, and Sigstore.

Authors

• Person: Not available Organization: GitHub
  bureado/awesome-software-supply-chain-security - GitHub

Sources

• bureado/awesome-software-supply-chain-security - GitHub github.com GitHub via serper

Referenced by nodes (2)

• Software Bill of Materials (SBOM) concept
• Sigstore concept