Skip to content

Commit

Permalink
Add supply chain vulnerability mgmt for #51
Browse files Browse the repository at this point in the history
  • Loading branch information
@aj-stein-nist
aj-stein-nist committed Mar 27, 2024
1 parent 40c8ce7 commit fa64e9b
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions related-efforts.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,3 +24,9 @@ Software and services that implement the SCITT architecture support a variety of

- [OpenPubkey](https://www.bastionzero.com/openpubkey)
- [Sigstore](https://www.sigstore.dev/)

## Vulnerability Disclosure and Management

- [Common Security Advisory Framework (CSAF)](https://csaf.io)
- [VEX CSAF Profile](https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#45-profile-5-vex)
- [OpenVEX](https://github.com/openvex)

0 comments on commit fa64e9b

Please sign in to comment.