Framework | Type | Purpose | Coverage | Verification | Chainloop Docs |
---|---|---|---|---|---|
Best Practices by Chainloop | Custom policy set | Recommended internal basic security policies | Full tracking | Automated policies | |
Cyber Resilience Act (CRA) | Regulation | Minimising risks on released software | In-preview | Self-assessment checklist, manual evidence, automated policies | Reference User Guide |
SLSA v1.0 | Specification | Securing the software supply chain | Full tracking | Manual evidence, automated policies | Reference User Guide |
SSDF | Framework | Integrating security practices into software development lifecycle | In-preview | Self-assessment checklist, manual evidence, automated policies | Reference User Guide |
[framework-name]/[requirement-name]
.