
Kosli white paper library

Enjoy our long reads on DevSecOps, Cybersecurity, and Autonomous Governance
  • Continuous Compliance

How to secure your software supply chain with Artifact Binary Provenance

By Mike Long
In Kosli, we use Artifact Binary Provenance as the foundation for our audit trails. Artifact Binary Provenance is a fancy term, but the idea behind it is really quite simple. All it means is that we can identify the software we have running in production. Let’s take a closer look.

Authors

Mike Long
CEO & Co-founder
  • Continuous Compliance

The Kosli Guide to Supply Chain Levels for Software Artifacts (SLSA)

By Bruce Johnston & Mike Long
SLSA is a framework for securing software supply chains by ensuring the provenance and integrity of software artifacts. This guide explains how to implement SLSA 1.1’s track-based model—particularly the Build track—and overcome its practical adoption challenges using Kosli. Unlike point tools or DIY solutions, Kosli offers a centralized, tool-agnostic platform that automates provenance attestations, integrates across any CI/CD environment, and extends beyond SLSA with runtime verification and controls. The paper also introduces Kosli’s approach to democratizing SLSA, making high-integrity software delivery accessible to all organizations.

Authors

Mike Long
CEO & Co-founder

Ready to Automate Governance?

Book a consultation to see how Kosli eliminates compliance overhead and accelerates delivery.
Sounds like magic? Watch how it's done.