Enhanced Environment Compliance with Environment Policies
We’re excited to announce an important enhancement to Kosli that will improve how environment compliance is managed across your organization. Starting with our next release, all compliance evaluation for Kosli environments will be consolidated through our powerful Environment Policies feature. What’s Changing This update consolidates compliance configuration into a more flexible and powerful system by: Removing the existing “Require Trail Compliance” setting from both the UI and CLI Automatically generating new Environment Policies based on your current compliance settings Migrating all existing environments to use Environment Policies Impact on Your Organization No disruption to your current compliance status.
Building the Future of Software Delivery Controls: Inside the FINOS SDLC Governance Working Group
Building the Future of Software Delivery Controls: Inside the FINOS SDLC Governance Working Group In October, technologists from across the financial industry gathered in New York for OSFF 2025 where …
Storage and Story: Why Artifact Repositories Need Provenance
How Artifactory and Kosli Create a Complete Chain of Custody for Your Software The Problem with “What” An artifact repository like JFrog Artifactory is a cornerstone of modern DevOps. It stores …
How to Automate Change Management Evidence using Kosli and ServiceNow
The Problem: Approvals Waiting on Proof Are your deployments getting stuck waiting for approvals? Your code is ready. Your tests are green. But your ServiceNow change ticket is still holding up the …
Secrets We Forgot… Until Automation Saved Us
We All Have That One Secret… That API key that has been sitting in production for ages. The personal access token that was supposed to be rotated 2 months ago. The service key that is about to …
Build. Release. Run. Repeat. But Where’s the Control?
Every Team Builds, Releases, and Runs Software. But Who Can See the Whole Picture? In every engineering organization, from fintech unicorns to 20,000-seat global bank, delivery happens in a loop. Code …
Security and Compliance Takes Center Stage: Key Insights from Open Source Finance Forum - London 2025
We’ve just wrapped up London’s 2025 Open Source Finance Forum (OSFF) in London and in this blog I’ll try to capture the key highlights from this year’s event while they’re still fresh. Dominant themes …
The Future of Auditing is Agentic AI
Audits are painful for developers AND compliance teams We’ve solved audits for evidence collection. With AI we’ll solve it for evidence evaluation What is the point of an SDLC audit? Audits are a slow …
Introducing Environment Policy- Gain Unified Control Over Compliance Requirements Across Your Runtime Environments
In modern software development, different environments often have different compliance requirements. Your development environment might allow more flexibility, while production demands strict controls …
Flexible, Evidence-Driven Compliance: Meet Kosli’s Custom Attestations
At Kosli, we believe that governance in software delivery shouldn’t be a bottleneck – it should be an extension of how your teams already work. That’s why we’re excited to introduce custom …
Kosli Changelog May 2025
Get trail attestations via the Kosli CLI A new `get attestation` command was added to the CLI in v2.11.15. This gives you an easy way, using the attestation name, to retrieve information about …
