SLSA Framework in New CD Foundation Cybersecurity Guide

Open k8scarcella opened this issue 2 months ago • 2 comments

Dear maintainers of SLSA Framework,

Our group at the Continuous Delivery Foundation created a CI/CD Cybersecurity Guide and the OpenSSF projects are featured in it.

[Request] Please double check that we categorized your project properly (or didn’t forget any). https://cd.foundation/cybersecurity/

If you like our work, please share it with others.

Sample social post: Do DevSecOps the right way. Follow this CI/CD Cybersecurity Guide from the CD Foundation. https://cd.foundation/blog/2025/09/30/cybersecurity-guide/

k8scarcella, Oct 31 '25 18:10

TODO:

  1. Check if it's categorized properly (if at all).
  2. Ensure it's not too specific and point back to SLSA.
  3. See if they should link to something else like the Security Baseline.

TomHennen, Nov 03 '25 17:11

@k8scarcella, I don't see SLSA mentioned anywhere in the https://cicd-cybersecurity.netlify.app/cicd-security-guide/ offhand. Do you know if SLSA is mentioned anywhere that I didn't find?

Most of the links seemed to be about specific tools. As SLSA is not a tool, do you think that there would be a good location to call out a framework as only the SSDF is mentioned across the stages, i.e. https://cicd-cybersecurity.netlify.app/cicd-security-guide/phase-1/ssdf/ ?

arewm, Nov 03 '25 17:11