Security is a primary consideration of Linux and open-source software today. So when European Linux giant SUSE released the SUSE Linux Enterprise 15 Service Pack 4 (SLE 14 SP4) it came as no surprise that it incorporated top security features.
This included a Supply chain Levels for Software Artifacts (SLSA) Level 4 compliance. SLSA, pronounced “salsa,” is an end-to-end framework for ensuring the integrity of software artifacts throughout the software supply chain.” Started by Google, SLSA is now a Linux Foundation project.
With SLSA Level 4 compliance, SUSE claims that its code has been given a two-person review of all changes and uses a hermetic, reproducible build process. This is the highest level of SLSE compliance — it means you can have a high degree of confidence that its software hasn’t been touched by hackers.
SLE 15 SP4 also supports confidential computing if you’re running on AMD Secure Encrypted Virtualization-Encrypted State (SEV-ES) CPUs. What’s that? Instead of just encrypting data when it’s at rest in storage or on the network, it’s also encrypted in memory or CPU registers. This is important if you’re running processes with sensitive data on the cloud. SLE 15 SP4 is the first Linux distribution to support this. Today, you can use this to isolate virtual machines (VM) on the Google Cloud. You can expect to see it supported on other clouds soon.
Speaking of the cloud, SUSE has worked with Nvidia to deliver maximum performance and availability