SLSA (pronounced “salsa”) is security framework from source to service, giving anyone working with software a common language for increasing levels of software security and supply chain integrity.
The best way to read about SLSA is to visit slsa.dev.
What’s in this repo?
You can read SLSA’s documentation here:
SLSA is currently in alpha. The framework is constantly being improved. We encourage the community to try adopting SLSA levels incrementally and to share your experiences back to us.
We rely on feedback from other organisations to evolve SLSA and be more useful to more people. Weâ€™d love to hear your experiences using it.
Are the levels achievable in your project? Would you add or remove anything from the framework? What else is needed before you can adopt it?
Joining the working group
Source : KitPloit – PenTest Tools!