Software supply chain security practices seeing only modest adoption

1 · · Feb. 21, 2023, 9:43 p.m.
If you are wondering what area of DevSecOps has tremendous opportunity for impact, look no further than security of your software supply chain. "Software supply chain security practices, embodied as the SLSA or SSDF frameworks, are already seeing modest adoption but are not seeing universal adoption yet. There is still a lot of room for improvement there," said Todd Kuleza, a member of Google Cloud's DevOps Research and Assessment (DORA) team and a senior user experience (UX) researcher at Googl...