Commit 94f04d67 authored by Kim Lewandowski's avatar Kim Lewandowski
Browse files

Small change to expand scope of SLSA users

parent 21f1f31f
...@@ -78,10 +78,10 @@ SLSA addresses three issues: ...@@ -78,10 +78,10 @@ SLSA addresses three issues:
* Artifact signatures alone only prevent a subset of the attacks we care * Artifact signatures alone only prevent a subset of the attacks we care
about. about.
At a minimum, SLSA can be used as a set of guiding principles within an At a minimum, SLSA can be used as a set of guiding principles for software
organization. More importantly, SLSA allows us to talk about supply chain risks producers and consumers. More importantly, SLSA allows us to talk about supply
and mitigations in a common language. This allows us to communicate and act on chain risks and mitigations in a common language. This allows us to communicate
those risks across organizational boundaries. and act on those risks across organizational boundaries.
Numeric levels, in particular, are useful because they are simple. A decision Numeric levels, in particular, are useful because they are simple. A decision
maker easily understands that SLSA 3 is better than SLSA 2 without understanding maker easily understands that SLSA 3 is better than SLSA 2 without understanding
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment