Frederic Leger

Frederic Leger has an Engineer Certificate in Electronic Systems and Data Processing that he obtained in 1996. He has worked for Wind River Systems as a Software Engineer for 20 years, and after four years working on Cyber Defense for the French government, joined AdaCore in 2023 as a Product Security Engineer.

Secure Supply Chain and vulnerability reports at AdaCore

In the past few years, attacks compromising software supply chains (MITRE ATT&CK T1195) have become more prominent, with cases such as NotPeya, Target data breach, Solarwinds, … The impact of the SolarWinds attack in 2020 in the United States led to Executive Order 14028, which strongly focuses on improving the security and integrity of software supply chains. Since then, various initiatives have been started, either by governments or organizations, such as SSDF (“Secure Software Development Framework”) by NIST or the SLSA framework (“Supply Chain Levels for Software Artifacts”) by OpenSSF (2021).

#SLSA