Itās important to distinguish the term āsourceā (any source of a good or service) from the term āvendorā (a source who is paid and has a contractual relationship), especially when…
Read More
Securing critical OSS components and infrastructure is an important part of securing critical infrastructure. When we consider open source critical infrastructure we must keep in mind that not all OSS…
Read More
To make it easier to use Sigstoreās toolkit to its full potential, OpenSSF and Linux Foundation Training & Certification released a free online training course, Securing Your Software Supply Chain…
Read More
The free "Developing Secure Software" (LFD121) online training course is now available through SCORM Connect, so that organizations with their own SCORM-compliant Learning Management Systems (LMSs) can integrate the course…
Read More