
Kim Lewandowski and Michael Lieberman on Securing the Software Supply Chain with SLSA
The InfoQ Podcast
Supply Chain Security - Is There a Supply Chain Challenge?
The main idea behind SLSA is to apply zero trust principles to your software and the software you write. The expectation here is, yes, your code has probably already been compromised, so how do I make sure I'm only using stuff that I expect to be used? And then there's still sort of, I would say, some conversations going on with how you would then be able to go out and independently verify. There hasn't been a lot of conversation yet outside of just saying that that's something in the future that we want to look at.