Kosli raises $3.1 M USD in seed funding backed by Heavybit - Read more
New White Paper: Supply Chain Levels for Software Artifacts (SLSA) - Download now
Faster changes. Stronger security. Painless audits.
Kosli records all of the changes in your software to give you the easy buttons for audit, compliance, security, and incident response.
Audit & Compliance
Ace your next audit without slowing your software releases with tickets and meetings. Deploy freely with continuous compliance.
Security & Defense
Remove risk and uncertainty. Know exactly what’s running in production and where it was deployed from.
SRE & Platform Engineering
Pinpoint changes without digging in noisy dashboards to find them. Get the answer you need with powerful commands.
Automated recording and reporting for all of the changes in your software
Fast, compliant deployments without screenshots, spreadsheets or tickets
This image shows the compliance status of a single change running in production. The green lozenges show that all of the evidence for this change (scans, tests etc.) has been recorded in Kosli, so this change is in compliance.You can download this evidence to CSV file by using the blue button. For a full software audit e.g. evidence for every deployment made in the last 6 months, you just choose a date range and download your audit trail with a couple clicks.
Alerts for non-compliant or unauthorized changes
Kosli takes a snapshot of your runtimes whenever a change is made, and here you can see that between 104 and 105 a non-complaint or unauthorized change has been deployed.In this example, Kosli has detected that the most recent change to the environment does not have Snyk scan evidence, and it has provided an alert via the Slack integration.
Pinpoint the cause of incidents without digging and delays
Because Kosli stores a snapshot of your environments every time a change happens, it’s easy to quickly pinpoint the changes that cause incidents using simple diff commands.In this example prod is down but beta is up. By diffing the two environments using Kosli’s CLI you can immediately find the change that’s running in prod, but not in beta.
Elite performing teams deliver changes 973x more frequently. You’ve invested in DevOps - now unlock the benefits with Continuous Compliance.
Developer feedback with Kosli CLI
Real-time observability for devs and engineers
Tired of trying to figure out which change broke everything? Need to know where your commit is? Get the ability to see how your environments and pipelines are actually changing and quickly locate the change you need. See our developer feedback page to get a taste of what you can do from the command line with Kosli.
Learn more about developer feedback
$ kosli search baa49d2 Search result resolved to commit baa49d252b61a9ba8e765a41161de50c51d0529a Name: cyberdojo/creator:baa49d2 Fingerprint: 29d4c97df320966f22c0d23f1ffa8a864572eb078044f5561d11873b1de40e65 Has provenance: true Flow: creator Git commit: baa49d252b61a9ba8e765a41161de50c51d0529a Commit URL: https://github.com/cyber-dojo/creator/commit/baa49d252b61a9ba8e765a41161de50c51d0529a Build URL: https://github.com/cyber-dojo/creator/actions/runs/4871346095 Compliance state: COMPLIANT Running in: [ aws-beta, aws-prod ] Exited from: [ ] History: Commit baa49d2 Wed, 03 May 2023 13:27:00 CEST Artifact created Wed, 03 May 2023 13:29:56 CEST Received unit-test evidence Wed, 03 May 2023 13:31:07 CEST Received branch-coverage evidence Wed, 03 May 2023 13:31:10 CEST Received snyk-scan evidence Wed, 03 May 2023 13:31:36 CEST Expect deployment #222 to aws-prod environment Wed, 03 May 2023 13:32:44 CEST Expect deployment #223 to aws-beta environment Wed, 03 May 2023 13:32:48 CEST Started running in aws-prod#686 environment Wed, 03 May 2023 13:35:02 CEST Started running in aws-beta#590 environment Wed, 03 May 2023 13:35:17 CEST
Connect the dots between dev and ops
-
Rich support for your runtime environments
Kubernetes cluster, Amazon ECS, Amazon S3, Amazon Lambda, Physical/Virtual server -
Easy to implement in your CI/CD toolstack
No need to change your existing CI structure. To use Kosli you just need to run commands in your pipelines and runtime environments. -
Familiar CLI commands
Log, diff, ls, assert - Kosli uses easy and intuitive commands that let you explore your pipelines and runtime environments.
-
Rich support for your runtime environments
Kubernetes cluster, Amazon ECS, Amazon S3, Amazon Lambda, Physical/Virtual server -
Easy to implement in your CI/CD toolstack
No need to change your existing CI structure. To use Kosli you just need to run commands in your pipelines and runtime environments. -
Familiar CLI commands
Log, diff, ls, assert - Kosli uses easy and intuitive commands that let you explore your pipelines and runtime environments.
How it works
- Record
- Connect
- Search
Start reporting your environments and pipelines. Get started with one line of code in your runtime.
Record your environments
Know *exactly* what’s running in your environments. With one line of code Kosli fingerprints the running components in your environment and makes new commits in the database whenever a change is detected. Replace your config repos and glue scripts without enforcing a deployment approach
Connect your pipelines
Now you know what’s running in ops, connect it to your pipeline events. Get a live map of builds, tests, approvals, and deployments and see how it matches up with what’s actually running in your environments. Follow commits all the way to production and trace deployments back to the commit.
Search your DevOps history
With dev and ops aligned you can take time-consuming guesswork and frustration out of incident response, security, and even evidence gathering for audit. Use Kosli’s powerful search tools to log, diff and browse every change from commit to prod. Get what you need from the browser, API, or command line.
Resources

Kosli’s free asset helps define your SSLDC, providing a defined, repeatable way of working that manages IT risks
Fork the repoDownload Kosli’s Free white paper: Supply Chain Levels for Software Artifacts (SLSA)
View white paperSee how Kosli enabled Stacc’s journey to ISO compliance at NDC Conference and that turbo eureka moment!
Watch the video
How to prove your SDLC is being followed for compliance with medical standards like IEC 62304
Read the blogWhat does it mean to deliver software with Continuous Compliance?
Read the blog
Meet the companies that made friends with change with Kosli and ship with confidence and speed
View customer stories