https://github.com/thomasvitale/supply-chain-security-java

Samples showing how to secure the supply chain for Java applications.
https://github.com/thomasvitale/supply-chain-security-java

cyclonedx java sbom sigstore slsa supply-chain-security

Last synced: about 2 months ago
JSON representation

Samples showing how to secure the supply chain for Java applications.

• Host: GitHub
• URL: https://github.com/thomasvitale/supply-chain-security-java
• Owner: ThomasVitale
• License: apache-2.0
• Created: 2023-09-23T18:12:48.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2024-10-24T22:40:57.000Z (7 months ago)
• Last Synced: 2024-10-24T23:14:34.407Z (7 months ago)
• Topics: cyclonedx, java, sbom, sigstore, slsa, supply-chain-security
• Language: Java
• Homepage:
• Size: 738 KB
• Stars: 11
• Watchers: 2
• Forks: 3
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Supply Chain Security Java

Samples showing how to secure the supply chain for Java applications, including:

* SBOMs with CycloneDX and SPDX

* Dependency Management with Gradle and Maven

* Cryptographic signatures, policies, and SLSA

* Containerization with Cloud Native Builpacks

## Articles

* [Supply Chain Security: SBOMs for Java Applications](https://www.thomasvitale.com/supply-chain-security-java-sbom)

## Conference Presentations

### Devoxx UK 2024

[![Watch the video](https://img.youtube.com/vi/VM7lJ0f_xhQ/hqdefault.jpg)](https://www.youtube.com/embed/VM7lJ0f_xhQ)

### Voxxed Days Zurich 2024

[![Watch the video](https://img.youtube.com/vi/pS4cmqNN1QY/hqdefault.jpg)](https://www.youtube.com/embed/pS4cmqNN1QY)

### Devoxx Belgium 2023

[![Watch the video](https://img.youtube.com/vi/ftPFxK8JPNM/hqdefault.jpg)](https://www.youtube.com/embed/ftPFxK8JPNM)