Kosli white paper library

Enjoy our long reads on DevSecOps, Cybersecurity, and Autonomous Governance

How to secure your software supply chain with Artifact Binary Provenance

By Mike Long

In Kosli, we use Artifact Binary Provenance as the foundation for our audit trails. Artifact Binary Provenance is a fancy term, but the idea behind it is really quite simple. All it means is that we can identify the software we have running in production. Let’s take a closer look.


Supply Chain Levels for Software Artifacts (SLSA)

By John Willis & Bill Bensing

Supply Chain Levels for Software Artifacts (SLSA) is a security framework that helps ensure the integrity of software artifacts throughout the software supply chain. The Open Source Security Foundation (OpenSSF) introduced SLSA in 2021 to protect software from source through deployment by helping organizations counter critical threats. SLSA provides a model for improving supply chain security and integrity, and offers guidance for solving issues related to developer or build systems as exploitable security vectors.


Authors

John Willis
Distinguished Researcher @Kosli
Bill Bensing
Field CTO @Kosli