Sign inContact usTry it out

Open source collaboration 

Establishing trust in our open source dependencies 

Projects we support


Sigstore was started to improve supply chain technology for anyone using open source projects. It's for open source maintainers, by open source maintainers.

Visit Sigstore


Supply chain Levels for Software Artifacts (SLSA) is a security framework and step-by-step checklist to prevent tampering, improve integrity and secure packages across your supply chain.

Visit SLSA


Tekton is a powerful and flexible open-source framework for creating CI/CD systems, allowing developers to build, test, and deploy across cloud providers and on-premise systems.

Visit Tekton


Knative is an open source enterprise-level solution to build serverless and event driven applications in Kubernetes environments.

Visit Knative


A cross-industry collaboration that brings together leaders to improve the security of open source software by building an expert community, targeted initiatives, and best practices.

Visit OpenSSF


Open source container images that consist of only your application and its runtime dependencies. This minimalism improves signal to noise and reduces the burden of establishing provenance.

Visit distroless

Don’t break the chain – secure your supply chain today!

Sign inContact usTry it out