Every artefact shipped from your build pipeline carries an in-toto attestation signed with sigstore, produced inside an isolated builder, and verifiable by your customers without trusting your CI. Hermetic where feasible, reproducible by default.
Supply-chain attacks on the build environment are the highest-leverage class of attack in the industry — a single compromised runner can backdoor every downstream consumer for months before detection.
SLSA was written to make that class of attack expensive: hermetic builders, signed provenance, parameter-locked invocations, and tamper-evident logs. Most teams stop at L1 — "CI exists" — because L2+ is hard work without tooling.
Safeguard's build-provenance module wraps the CI you already use, produces in-toto attestations on every artefact, signs them with sigstore, and emits a customer-verifiable bundle alongside the binary. L3 in a sprint, L4 in a quarter.
Shared runners, cached dependencies, persistent credentials. A single compromise in any one of them silently taints every downstream release.
Without signed provenance, customers cannot independently confirm the binary they pulled was built from the source you claim. The audit reduces to vendor trust.
The path from commit SHA to released binary passes through opaque steps. When a regulator asks "what was in this release", the answer is half-reconstructed from logs.
Hermetic builders, key isolation, attestation generation — each piece is implementable but each team builds it from scratch. The result is partial coverage and uneven evidence.
Each build runs in a fresh, network-policy-locked environment with content-addressed inputs. No persistent state survives between runs; nothing outside the declared inputs is reachable.
The builder emits in-toto predicates for every step (fetch, compile, package), and the final attestation captures the full build graph. Predicates map cleanly to SLSA L3 requirements.
Attestations are signed via sigstore with workload identity, no long-lived keys; signatures land in the public Rekor transparency log so tampering is detectable post-facto.
Where the toolchain supports it (Go, Rust, Bazel), builds are reproducible bit-for-bit. The manifest pins toolchain versions and inputs, so any third party can re-derive the same hash.
Build invocation pins source SHA, toolchain digest, and the full parameter set; downstream changes require a fresh invocation.
Fresh runner instantiated with no inherited credentials, network-policy locked to the declared input set.
Dependencies pulled from content-addressed proxies; lockfile hashes verified before any compile step runs.
Each step emits an in-toto predicate; final attestation graph captures every input → output edge.
Attestation signed with workload-identity ephemeral keys; signature anchored in the public Rekor transparency log.
Binary + signed attestation + SBOM + verification script exported as one bundle; consumers verify offline with cosign + the public key.
Stack with SBOM Studio for the artefact graph, supply-chain-compliance for regulator framing, and research for the SLSA mapping notes.
Wrap one of your release pipelines and we'll produce a signed attestation bundle on the next build — without changing your CI vendor.