[Git][reproducible-builds/reproducible-website][master] 2024-10: link recordings from open-source summit

Bernhard M. Wiedemann (@bmwiedemann-guest) gitlab at salsa.debian.org
Sun Oct 13 12:55:19 UTC 2024



Bernhard M. Wiedemann pushed to branch master at Reproducible Builds / reproducible-website


Commits:
2ce730ab by Bernhard M. Wiedemann at 2024-10-13T14:54:42+02:00
2024-10: link recordings from open-source summit

- - - - -


1 changed file:

- _reports/2024-10.md


Changes:

=====================================
_reports/2024-10.md
=====================================
@@ -7,3 +7,19 @@ draft: true
 ---
 
 * [FIXME](https://www.digidow.eu/publications/2024-schwaighofer-scored/Schwaighofer_2024_SCORED24_CloudBuildSystemsTrust.pdf)
+
+* The open source summit EU 2024 covered plenty topics related to supply-chain security:
+    * [Public Sector + OpenSSF: Principles for Package Repository Security](https://www.youtube.com/watch?v=EyzFZYeSj5g&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=124)
+    * [The Model Openness Framework: Promoting Completeness and Openness for Reproducibility, Transparency and Usability in AI](https://www.youtube.com/watch?v=-GFcUgT77oE&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=114)
+    * [Structured Scorecard Results: Tailor Your Own Supply-Chain Security Policies](https://www.youtube.com/watch?v=ZT3XdMF6U5A&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=106)
+    * [Lightning Talk: Elephant in the Room: How Supply Chain Security Standards Are Not Standard and What to Do About It](https://www.youtube.com/watch?v=ICrlIlWAiGA&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=103)
+    * [Lightning Talk: Charting the Course for Secure Software Supply Chain with Guac-AI-Mole!](https://www.youtube.com/watch?v=mHjsaDDkbKo&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=102)
+    * [TPMs, Merkle Trees and TEEs: Enhancing SLSA with Hardware-Assisted Build Environment Verification](https://www.youtube.com/watch?v=Gk0LDi05KRg&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=100)
+    * [Accountability Taxonomy for AI Software Bill of Materials](https://www.youtube.com/watch?v=nSQ3rsaqpaQ&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=47)
+    * [Securing Your Supply Chain with an Open Source Ecosystem](https://www.youtube.com/watch?v=154gKafXhnc&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=33)
+    * [OSS Supply Chain Threats and Why You Need a Holistic Security Strategy](https://www.youtube.com/watch?v=cLPZ7dYndH0&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=30)
+    * [A Step Closer to in-Toto’lly Secure: Using in-Toto and OPA Gatekeeper to Verify Artifact Integrity](https://www.youtube.com/watch?v=b_ImE70Vhd8&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=28)
+    * [Panel Discussion: Improving Supply Chain Integrity with OpenSSF Technologies](https://www.youtube.com/watch?v=6EPROzPfqD8&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=26)
+    * [Case Study: 10+ Years of Developing an SBOM System and the Dos and Don’ts](https://www.youtube.com/watch?v=1LTqB4czzEs&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=142)
+    * [SBOM in SaaS Environments: An Update](https://www.youtube.com/watch?v=4rA9JOESvL8&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=182)
+    * [Securing Git Repositories with Gittuf](https://www.youtube.com/watch?v=eCSeIEdMbCw&list=PLbzoR-pLrL6poagnac0dQuTXcmNvUHVOj&index=179)



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/2ce730ab082e3017989818ac6da710d10c09491f

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/2ce730ab082e3017989818ac6da710d10c09491f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20241013/1ab6cf77/attachment.htm>


More information about the rb-commits mailing list