Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

Supply chain security represents a complex challenge for organizations across industries, but it might be getting just a bit easier today with the release of the SLSA (pronounced salsa) 1.0 ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Soroosh Khodami discusses why we aren't ready ...

Google has proposed a new framework to mitigate the growing risks posed by attacks on the software supply chain. The Supply Chain Levels for Software Artifacts (SLSA, pronounced “salsa”) is designed ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Agent workflows make transport a first-order ...

To tackle the growing threat of attacks on the software supply chain, Google has proposed the Supply chain Levels for Software Artifacts framework, or SLSA which is pronounced "salsa". Sophisticated ...

Google and the Linux Foundation separately debuted new tools to improve supply chain security, with a specific focus on open source software, as federal agencies work on software-related standards and ...

The Open Source Security Foundation (OpenSSF) has released v1.0 of Supply-chain Levels for Software Artifacts (SLSA) with specific provisions for the software supply chain. Modern application ...

A software bill of materials (SBOMs) has been touted as a critical tool in solving software supply-chain security issues, but the rapid change of software ecosystems and the complexity of creating an ...