The Kosli Blog

Generating and Tracking SBOMs with Kosli: Enhancing Software Security and Supply Chain Transparency

Software Bill of Materials (SBOMs) are crucial for maintaining software security and supply chain transparency. They provide a detailed list of all components, libraries, and dependencies within a software application, enabling organizations to identify and address potential vulnerabilities, license compliance issues, and other risks. By generating and tracking SBOMs in Kosli, you can establish a centralized and auditable repository for your software’s supply chain information. This allows you to: *Track component provenance*: Understand the origin and history of each software component, ensuring that you’re using trusted and verified sources.

by Mike Long

technology

Kosli Changelog March 2025

technology

How we implemented a release/promotion workflow with a single approval, using Kosli

news

Kosli Raises $10 Million Series A led by Deutsche Bank and Heavybit to Transform Software Delivery Governance.

technology

Kosli Changelog February 2025

LATEST ARTICLES

View all >

Migrating from Generic to Custom Attestations: A zero-trust approach to compliance

The kosli attest generic CLI command can attest anything, but unlike a “typed” attestation (such as kosli attest snyk), it does not calculate a true/false compliance value for you. …

Jon Jagger in features

Moving to a zero-trust model with Kosli's custom attestations

The Kosli CLI provides several attest commands, such as kosli attest snyk, kosli attest jira, etc. These attestations are “typed” - each one knows how to interpret its own particular kind …

Jon Jagger in features

How to make Kosli generic attestations using the kosli-attest-generic command

Update! We recommend using the new custom attestations instead of generic attestations. Please see these two new blog posts: Migrating from Generic to Custom Attestations: A zero-trust approach to …

Jon Jagger in features

Kosli Changelog January 2025

Make the kosli-dev/setup-cli-action verified in the GitHub Marketplace Kosli has become an official GitHub Technology Partner. As part of this partnership, our setup-kosli-cli GitHub Action has been …

Product Team in technology

Kosli Changelog December 2024

A short month for the Product team is no excuse for shipping less changes on the application, improving its functionality one update at a time! Having our users’ experience as our focus, and …

Katerina Konstantinou in technology

Kosli Changelog November 2024

Another month another changelog packed with updates that improve the functionality of the platform and enhance user experience. As always, we’d love to hear your comments and feedback on the updates …

Jonathan Coull in technology

FEATURES

View all >

Generating and Tracking SBOMs with Kosli: Enhancing Software Security and Supply Chain Transparency

Mike Long in features, technology

Migrating from Generic to Custom Attestations: A zero-trust approach to compliance

The kosli attest generic CLI command can attest anything, but unlike a “typed” attestation (such as kosli attest snyk), it does not calculate a true/false compliance value for you. …

Jon Jagger in features

Moving to a zero-trust model with Kosli's custom attestations

The Kosli CLI provides several attest commands, such as kosli attest snyk, kosli attest jira, etc. These attestations are “typed” - each one knows how to interpret its own particular kind …

Jon Jagger in features

NEWS

View all >

Kosli Raises $10 Million Series A led by Deutsche Bank and Heavybit to Transform Software Delivery Governance.

We are delighted to announce that Kosli has raised $10 million in Series A funding. The round was led by Deutsche Bank’s Corporate Venture Capital (CVC) group, with participation from Heavybit, …

Bruce Johnston in news

Kosli Joins FINOS to Collaborate on DevOps Controls and Change Compliance in Financial Services

We are thrilled to announce that Kosli has joined the Fintech Open Source Foundation (FINOS), a Linux Foundation organization dedicated to fostering collaboration and innovation in financial services …

Mike Long in news

Introducing Kosli's Logical Environments: Gain total visibility and control over complex systems

In today’s fast-paced development landscape, environments are no longer simple or isolated. You’re managing resources that span across development stages, geographies, and technologies. And as those …

Jonathan Coull in news

TECHNOLOGY

View all >

Generating and Tracking SBOMs with Kosli: Enhancing Software Security and Supply Chain Transparency

LATEST ARTICLES

Migrating from Generic to Custom Attestations: A zero-trust approach to compliance

Moving to a zero-trust model with Kosli's custom attestations

How to make Kosli generic attestations using the kosli-attest-generic command

Kosli Changelog January 2025

Kosli Changelog December 2024

Kosli Changelog November 2024

FEATURES

Generating and Tracking SBOMs with Kosli: Enhancing Software Security and Supply Chain Transparency

Migrating from Generic to Custom Attestations: A zero-trust approach to compliance

Moving to a zero-trust model with Kosli's custom attestations

NEWS

Kosli Raises $10 Million Series A led by Deutsche Bank and Heavybit to Transform Software Delivery Governance.

Kosli Joins FINOS to Collaborate on DevOps Controls and Change Compliance in Financial Services

Introducing Kosli's Logical Environments: Gain total visibility and control over complex systems

TECHNOLOGY

Generating and Tracking SBOMs with Kosli: Enhancing Software Security and Supply Chain Transparency

Kosli Changelog March 2025

How we implemented a release/promotion workflow with a single approval, using Kosli

Stay in the loop with the Kosli newsletter

Tired of Compliance Bottlenecks and Slow Approvals?

TRUSTED BY THE WORLD’S LARGEST BANKS AND REGULATED COMPANIES