Kosli raises $3.1 M USD in seed funding backed by Heavybit - Read more
New White Paper: Supply Chain Levels for Software Artifacts (SLSA) - Download now

Kosli white paper library

Enjoy our long reads on DevSecOps, Cybersecurity, and Autonomous Governance
  • Continuous Compliance

Supply Chain Levels for Software Artifacts (SLSA)

By John Willis & Bill Bensing

Supply chain Levels for Software Artifacts (SLSA) is a security framework that assists in ensuring the integrity of software artifacts throughout the software supply chain. The Open Source Security Foundation (OpenSSF) introduced SLSA in 2021 to protect software from sources through deployment by helping organizations to counter critical threats. SLSA provides a model for improving supply chain security and integrity, and offers guidance for solving issues related to developer or build systems as exploitable security vectors.

View Online


John Willis
Distinguished Researcher @Kosli
Bill Bensing
Field CTO @Kosli
Supply Chain Levels for Software Artifacts (SLSA) Whitepaper cover