Software supply chain quickly became a hot topic in the last few years, especially as the number of high-profile attacks increased and the White House got involved. Sigstore, an open source project supported by the likes of Google, GitHub, Chainguard and RedHat, has become somewhat of a standard for signing, verifying and protecting software projects […]
Sigstore launches free software signing and verification service for open source projects by Frederic Lardinois originally published on TechCrunch...