DevSecOpsGuideline

Software Composition Analysis & Supply Chain Risk Management

Open mostafa opened this issue 2 years ago • 2 comments

Hey!

I see that the SCA is a little bit less developed than other parts of the doc, so I'd be happy to expand on this to include various techniques, technologies, tools, and workflows on how this is done in a real-world scenario. Let me know if that's what you're interested in. I also gave a talk about it here.

mostafa, Jun 28 '22 10:06

Hi @mostafa, sounds good. Please feel free to start your contribution to this domain. I'm looking forward to approving your Pull Request. :D

Ali-Yazdani, Jun 28 '22 13:06

Hi,

On supply chain, it could also be nice to add Sigstore; happy to contribute on it as well :)

fdicarlo, Jul 16 '22 18:07