Sign inContact usTry it out

Open source collaboration 

Establishing trust in our open source dependencies 

Projects we support

Sigstore

Sigstore was started to improve supply chain technology for anyone using open source projects. It's for open source maintainers, by open source maintainers.

Visit Sigstore

SLSA

Supply chain Levels for Software Artifacts (SLSA) is a security framework and step-by-step checklist to prevent tampering, improve integrity and secure packages across your supply chain.

Visit SLSA

Tekton

Tekton is a powerful and flexible open-source framework for creating CI/CD systems, allowing developers to build, test, and deploy across cloud providers and on-premise systems.

Visit Tekton

Knative

Knative is an open source enterprise-level solution to build serverless and event driven applications in Kubernetes environments.

Visit Knative

OpenSSF

A cross-industry collaboration that brings together leaders to improve the security of open source software by building an expert community, targeted initiatives, and best practices.

Visit OpenSSF

distroless

Open source container images that consist of only your application and its runtime dependencies. This minimalism improves signal to noise and reduces the burden of establishing provenance.

Visit distroless

Don’t break the chain – secure your supply chain today!

Sign inContact usTry it out