Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term SLSA Supply-Chain Levels for Software Artifacts

Training Camp • Cybersecurity Glossary

What is SLSA Supply-Chain Levels for Software Artifacts?

SLSA Supply-chain Levels for Software Artifacts is an OpenSSF framework of graded controls ensuring build integrity and software provenance.

Glossary > Application & API Security > SLSA Supply-Chain Levels for Software Artifacts

Understanding SLSA Supply-Chain Levels for Software Artifacts

SLSA, Supply-chain Levels for Software Artifacts, is an open security framework, originally developed at Google and now hosted by the OpenSSF, that provides a checklist of standards and controls to harden software against supply chain tampering. It defines progressive levels of assurance focused primarily on build integrity and verifiable provenance, helping organizations attest that artifacts were built from expected source through trusted processes. Each level adds stronger requirements, ranging from basic provenance to hermetic, fully reproducible builds.

Learn More About SLSA Supply-Chain Levels for Software Artifacts:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →