Last week I attended the Linux
Foundation’s Open Source Summit Europe here in my
hometown of Dublin where I mainly camped out at
the SupplyChainSecurityCon
event. The talks focused on SBOMs, SLSA, VEX, provenance, attestation and signing. He’s what I picked up at the event
over the 4 days.