The State of Git Security With SLSA and Gittuf - Patrick Zielinski & Aditya Sirish A Yelgundhalli
Presenters: Patrick Zielinski, Aditya Sirish A Yelgundhalli
Source: OpenSource SecurityCon NA 2025

Fortifying Your Code: A Deep Dive into SLSA and gittuf for Unbreakable Software Supply Chains 🚀

In today’s interconnected digital world, the integrity of our software supply chain is paramount. We’ve all heard the alarming stories: compromised GitHub Actions, hijacked organizations, and even vulnerabilities in widely used projects like PHP and Juniper. These incidents underscore a critical truth: a breach at the source code level can have devastating ripple effects. But fear not! The open-source community is tirelessly working to build stronger defenses, and at the forefront of this effort are SLSA and gittuf. ...