Tag
build-integrity
Safeguard articles tagged "build-integrity" — guides, analysis, and best practices for software supply chain and application security.
14 articles
DevSecOps
Build Artifact Integrity Verification: From Source to Deployment
If you cannot verify that your deployed artifact matches your reviewed source code, your entire code review process is security theater. Here is how to close that gap.
Aug 28, 20226 min read
DevSecOps
Reproducible Builds: The Gold Standard for Supply Chain Integrity
If you can't rebuild a binary from source and get the same result, you can't verify that the binary matches the source. Reproducible builds close this fundamental trust gap.
Aug 1, 20228 min read