We are thrilled to announce 📢 Kosli is now SOC 2 Type 2 compliant - Read more
✨ New Feature: Kosli Trails is live ✨ Create comprehensive audit trails for any DevOps activity - Read more

Kosli white paper library

Enjoy our long reads on DevSecOps, Cybersecurity, and Autonomous Governance
  • Continuous Compliance

Supply Chain Levels for Software Artifacts (SLSA)

By John Willis & Bill Bensing

Supply chain Levels for Software Artifacts (SLSA) is a security framework that assists in ensuring the integrity of software artifacts throughout the software supply chain. The Open Source Security Foundation (OpenSSF) introduced SLSA in 2021 to protect software from sources through deployment by helping organizations to counter critical threats. SLSA provides a model for improving supply chain security and integrity, and offers guidance for solving issues related to developer or build systems as exploitable security vectors.

View Online

Authors

John Willis
Distinguished Researcher @Kosli
Bill Bensing
Field CTO @Kosli
Supply Chain Levels for Software Artifacts (SLSA) Whitepaper cover

Ready to ship with more confidence?

Get security and compliance you can trust without slowing down or changing your tools.
Request a demo Start for free
Auditor and Kosli user

Got a question about Kosli?

We’re here to help, our customers range from larges fintechs, medtechs and regulated business all looking to streamline their DevOps audit trails

Contact us