Microsoft’s internal framework to improve supply-chain security is adopted by public group

Found 21 days ago at Microsoft Press

We built the S2C2F as a consumption-focused framework that uses a threat-based, risk-reduction approach to mitigate real-world threats. One of its primary strengths is how well it pairs with any producer-focused framework, such as SLSA. The framework enumerates a list of real-world supply chain threats specific to OSS and explains how the framework's requirements mitigate those threats. It also...
