Speaker: Asra Ali
She / her / hers
Software Engineer @Google
Asra is Software Engineer at Google working on Privacy, Safety, and Security. Her primary focus is on developing a transpiler for Fully Homomorphic Encryption and on the side contributes to the Google Open Source Security Team (GOSST) where she works on projects to improve software supply chain integrity. She’s a maintainer of Sigstore projects and open-source Supply-chain Levels for Software Artifacts (SLSA) tooling repositories. Previously, she worked on Envoy, fuzzing, and privacy-preserving technologies. She's passionate about making the internet a more private and secure space.
Achieving SLSA Certification with a “Bring-Your-Own-Builder” Framework
Supply-chain Levels for Software Artifacts, or SLSA (pronounced “salsa”), is a security framework to reason about and improve the integrity of released artifacts. With the recent release of SLSA version 1.0, SLSA is seeing increased adoption, both from industry and open source projects.