Toto-Ally TUF: Simple Tools for a Secure Software Supply Chain - Marina Moore & Aditya Yelgundhalli
Securing Software Supply chains with in-toto
USENIX Security '19 - in-toto: Providing farm-to-table guarantees for bits and bytes
In-toto protects your CI/CD pipelines from supply chain attacks
In-Toto: Attestations and More for Software Supply Chain Security - Aditya Sirish A Yelgundhalli
How to secure your software supply chain
Software Supply Chain Integrity with Sigstore - Marina Moore & Priya Wadhwa, Google
Deep Dive: TUF What's New With TUF? - Marina Moore, NYU & Trishank Kuppusamy, Datadog
