chainloop.dev
Open in
urlscan Pro
34.249.200.254
Public Scan
Submitted URL: https://auth.chainloop.dev/
Effective URL: https://chainloop.dev/
Submission: On July 09 via automatic, source certstream-suspicious — Scanned from DE
Effective URL: https://chainloop.dev/
Submission: On July 09 via automatic, source certstream-suspicious — Scanned from DE
Form analysis 1 forms found in the DOM
Name: email-form — POST https://dev.us21.list-manage.com/subscribe/post?u=801f42b3abafc40b1a17c5f25&id=dee0113f8e&f_id=00ffc6e1f0
<form id="email-form" name="email-form" data-name="Email Form" action="https://dev.us21.list-manage.com/subscribe/post?u=801f42b3abafc40b1a17c5f25&id=dee0113f8e&f_id=00ffc6e1f0" method="post" class="form-row space-bottom"
data-wf-page-id="65f82ab5e5a650ecf078c61b" data-wf-element-id="ab0369e6-419e-ebe2-1e79-a66ba7d31384" aria-label="Email Form"><input class="form-input form-input-large no-border w-input" maxlength="256" name="email-2" data-name="Email 2"
placeholder="Email Address" type="email" id="email-2" required=""><input type="submit" data-wait="Please wait..." class="button button-large form-row-button w-button" value="Subscribe"></form>Text Content
If you like what we do, give Chainloop Open Source a star on GitHub chainloop-dev/chainloop :) BlogDocsOpen SourceAbout Us Star us on GitHub Get Started THE CONTROL PLANE FOR TRUSTED SOFTWARE DELIVERY Build and deliver trusted software faster. Our vision is to automate trust for Software Supply Chain, helping companies make faster decisions, reduce security risks, achieve compliance, and save time and money. Software releases and audits will take hours rather than weeks. Chainloop Platform Open Source UPCOMING CHAINLOOP PLATFORM We help Enterprises build and deliver trusted software faster Request Demo Learn more about Chainloop Open Source, our Metadata Vault for Software Supply Chain, at our GitHub page. BUILD YOUR SINGLE PANE OF GLASS Create a centralized view of your entire Software Development Life Cycle (SDLC). Integrate various CI/CD and DevSecOps services across any cloud or platform. Consolidate software delivery metrics in one dashboard to simplify oversight and minimize distractions. GET CONTEXT WITH CHAINLOOP TRUST HUB Chainloop helps you better understand your software development process by creating a single source of truth for all your supply chain events and metadata. You can link essential data points like team information, pipelines, and manual or automated workflows to get a complete picture of the process. Chainloop enables you to democratize this information in your organization so you can make better decisions. For example, you can confidently block a software artifact to ensure compliance or security. BLOCK WITH CONFIDENCE Effortlessly implement control gates and raise security or compliance exceptions to the entire organization. Empower teams to confidently enforce security and compliance measures. INSTRUMENT YOUR SOFTWARE DELIVERY Enable visibility into your software supply chain by implementing monitoring, alerting, and SLOs. MEET DEVELOPERS WHERE THEY ARE We offer native integrations with multiple CI/CD and SCM platforms like GitHub, GitLab, Jenkins, Dagger, and more. With Chainloop, developers get a jargon-free process to comply with the SecOps team's requirements. No need to learn in-toto, signing, SLSA, OCI, APIs, credentials, nada :) ENTERPRISE READY FEATURES Chainloop’s was born with Enterprise features in mind. From customizable Federated content addressable store to Role Base Access Control or Single Sign On. SLSA IN A BOX Supply Chain Levels for Software Artifacts (SLSA) defines standards and controls to prevent tampering and improve the integrity of your Software Supply Chain. With Chainloop, you can reach SLSA v1.0 Build Level 2 by leveraging your own content addressable storage, the Sigstore suite, and the in-toto attestation format. DECLARATIVE AND VERSIONED CONTRACTS Operators have full control over what metadata must be received as part of the attestation and the environment where these workflows must be executed. This enables an easy and maintainable way of propagating and enforcing requirements downstream to your organization. TRUSTED SOFTWARE SUPPLY CHAIN METADATA VAULT Chainloop’s Open Source Metadata Vault allows you to easily collect, attest, sign, and distribute your Software Supply Chain metadata, SBOMs, VEX, SARIF files, QA reports, and more. With Chainloop, SecOps teams can, for each step in their SDLC, declare and enforce what pieces of evidence must be collected and what to do with them by leveraging third-party integrations such as Dependency-Track for SBOM analysis or a blob storage/OCI registry. On the other hand, developer teams do not need to become security experts. The attestation crafting tool will guide them with guardrails and a familiar developer experience. You can think of Chainloop as an API for your organization’s Software Supply Chain that both development and SecOps teams can use to interact effectively. That way SecOps teams now have control over their organization’s Software Supply Chain security compliance, observability and standardization implementation efforts. GROWING NUMBER OF INTEGRATIONS Chainloop offers a pluggable integrations framework that operators can use to extend Chainloop functionality by setting up third-party integrations on your attestation metadata. Integrations can range from notifications via a Slack message, storing the attestation to an AWS S3 blob storage, or sending a Software Bill Of Materials (SBOMs) to a third-party service, such as Guac or Dependency-Track. USE YOUR CLOUD Chainloop is cloud agnostic. We simplify deployment on AWS, Azure, and Google Cloud with support for multiple cloud managed services. USE CASES SOFTWARE DELIVERY VISIBILITY Gain comprehensive visibility across all your workflows. AUTOMATED COMPLIANCE Automate compliance with our declarative contracts. SUPERCHARGED COLLABORATION Collaborate seamlessly with all your teams on software delivery. ENTERPRISE EVIDENCE STORE Gather and centralize software supply chain metadata and pieces of evidence for SOC 2. SBOM AND *VEX Operationalize SBOMs software bill of materials. OPEN SOURCE CONSUMPTION Consume Open Source in a trustworthy way. VULNERABILITY MANAGEMENT Simplify vulnerability management for enhanced security. CONTROL GATES Establish control gates and connect automated and human-driven processes. FREQUENTLY ASKED QUESTIONS. If you have any further questions, Get in touch! IS CHAINLOOP OPEN SOURCE? Yes, Chainloop source code has been Open Sourced and can be found here! 🎉 CAN I RUN MY OWN INSTANCE OF CHAINLOOP END TO END? Yes, please refer to this guide. I AM USING NEITHER GITHUB ACTIONS NOR GITLAB, CAN I STILL USE CHAINLOOP? Yes, Chainloop is runner agnostic, which means that you can run the attestation anywhere, including your laptop! That said, there are benefits for using one of our supported runner types. We plan on supporting more CI vendors so your is not supported yet, please contact us with your preference and we will get back to you. GET GREAT CONTENT UPDATES FROM OUR TEAM TO YOUR INBOX. Thank you! Your submission has been received! Oops! Something went wrong while submitting the form. Join our subscribers. GDPR and CCPA compliant. FEATURED BLOG POSTS Changelog June 26, 2024 CHAINLOOP CHANGELOG - JUNE 2024 News May 2, 2024 WELCOMING OUR FOUNDING ENGINEERING TEAM News April 18, 2024 CHAINLOOP JOINS OPENSSF Engineering March 14, 2024 JUMPSTART COMPLIANCE AND SECURITY WITH DAGGER AND CHAINLOOP Engineering November 8, 2023 SOFTWARE BILL OF MATERIALS THAT YOU CAN TRUST Engineering September 6, 2023 ANNOUNCING FEDERATED CONTENT ADDRESSABLE STORAGE PRODUCTS Chainloop Open SourceChainloop Services RESOURCES DocumentationBlogSlackPrivacyConsent Preferences ABOUT TeamCareersContact UsRequest a Demo SOCIAL TwitterLinkedInGithubYouTube © Chainloop, Inc. All Rights Reserved.