G.1.3 Produce attestation
G.1.4 Deliver provenance
G.1.5 Deliver SBOM
P.4.2 Automated security scanning tools
P.5.2 Dependency update
E.1.1 Safely store release artifacts
E.2.1 Release policy verification
E.2.2 Verify dependencies and environment
E.2.3 Defensive compilation and build
E.2.4 CI/CD hosting and automation
E.2.5 Secured orchestration platform
E.2.6 Reproducible builds
E.2.7 Build output
E.3.9 Ephemeral credentials
D.2.2 Build process monitoring
P.3.5 Prevent component vetting bypass
E.3.x Development Environment Scanning Tools