Security Mindset Blog
Supply Chain Resources
OWASP Top 10 CI/CD Security Risks
https://owasp.org/www-project-top-10-ci-cd-security-risks/
S2C2F - Supply chain security framework
GitHub:
https://github.com/ossf/s2c2f
More on S2C2F:
OpenSSF Expands Supply Chain Integrity Efforts with S2C2F
MSFT:
https://www.microsoft.com/en-us/securityengineering/opensource
https://www.microsoft.com/en-us/securityengineering/sdl/s2c2f
“Supply chain security framework: S2C2F - CNCF”
Other
https://slsa.dev/
https://pbom.dev/
Supply Chain Tools
ADOKit
🐈 GATO