Protect the Software (PS)

Protect the Software (PS) for Build and Deploy CI/CD Steps

Protect the Software (PS)

Protect the Software (PS): Organizations should protect all components of their software from tampering and unauthorized access.

PS.1

Protect All Forms of Code from Unauthorized Access and Tampering : Help prevent unauthorized changes to code, both inadvertent and intentional, which could circumvent or negate the intended security characteristics of the software. For code that is not intended to be publicly accessible, this helps prevent theft of the software and may make it more difficult or time-consuming for attackers to find vulnerabilities in the software.

To satisfy SSDF PS.1 in a build and deploy context using open-source tools, the focus shifts from just defining to:

Secure the CI/CD pipeline itself – ensure only trusted, authenticated processes can produce build outputs.
Protect source inputs and dependencies, lock versions, use checksums, and prevent injection of malicious code into the build process.
Sign artifacts and record provenance, generate cryptographically verifiable metadata proving what was built, from which source, and by whom.
Enforce reproducible builds so that any tampering results in a hash/signature mismatch.
Restrict build system access and enforce role-based permissions, MFA, and least privilege for build servers

Tasks	Tools
PS.1.1: Store all forms of code including source code, executable code, and configuration-as-code based on the principle of least privilege so that only authorized personnel, tools, services, etc. have access.
	cosign Sigstore Sign build outputs (binaries, containers, SBOMs) and create attestations; verify in CI before promotion.
	Git signed commits/tags Require signed commits/tags and reject unsigned in CI to prevent unauthorized code from entering builds.
	Sigstore Fulcio + Rekor Issue short-lived certs (Fulcio) and record signatures/attestations in a transparency log (Rekor) to detect/trace tampering.
	SLSA provenance (generators + verifier) Emit and sign build provenance; verify who/what/where built the artifact before it can ship.
	In-toto Define a supply-chain layout and verify each step’s materials/products to ensure nothing was tampered across the pipeline.
	Tekton Chains Automatically sign task results (images, files) in Tekton pipelines and store attestations (e.g., in Rekor).
	Notation (CNCF Notary v2) Sign OCI artifacts (images, Helm charts) during build for later verification in registries and clusters.
	Nix Lock inputs and make builds deterministic so unauthorized changes are detectable by hash/provenance mismatch.
	Bazel Lock inputs and make builds deterministic so unauthorized changes are detectable by hash/provenance mismatch.
	Grafeas Persist signatures, SBOMs, and policy metadata to audit build integrity across services..
	Harbor Enforce content trust, robot accounts, and policy on who can push/pull; require signed artifacts before release..
	Sigstore Policy Controller Admission controller that blocks unsigned/incorrectly signed images; enforces key/issuer/subject policies.
	Kyverno Kubernetes policies that require image signatures, pin by digest, and forbid mutable tags in deployments.
	OPA Gatekeeper Gate deployments with custom policies (e.g., “only signed images from approved registries/namespaces”).
	Ratify Verifies OCI signatures/attestations (Cosign/Notation) at admission time and blocks anything that fails verification.
	Connaisseur Kubernetes admission controller dedicated to verifying container image signatures before scheduling.
	Sigstore Cosign Verify signatures/attestations as a release gate in your CD pipeline prior to applying manifests.

PS.2

Provide a Mechanism for Verifying Software Release Integrity: Help software acquirers ensure that the software they acquire is legitimate and has not been tampered with. Make software integrity verification information available to software acquirers.

To satisfy SSDF PS.2 in a build and deploy context using open-source tools, the focus shifts to:

Generate integrity artifacts for every release
Bind artifacts to versioned source
Publish verification materials
Require integrity checks as a release gate
Expose verification data to consumers
Admission control based on integrity

Tasks	Tools
PS.2.1: Make software integrity verification information available to software acquirers.
	cosign Sigstore Sign binaries, container images, SBOMs, and attestations during build; supports keyless signing.
	Git signed commits/tags Sign release tags to cryptographically tie the source to the built artifact.
	Sigstore Fulcio + Rekor Fulcio issues ephemeral signing certs; Rekor logs all signatures in a tamper-evident transparency log for downstream verification.
	SLSA provenance (generators + verifier) Automatically generate provenance metadata describing build origin, inputs, and process. Validates provenance files to ensure artifact integrity before distribution.
	In-toto Defines a verifiable software supply chain layout; creates link metadata proving each build step.
	Grafeas Stores metadata (signatures, checksums, SBOMs) so it can be queried for verification.
	GNU Coreutils / sha256sum Create and publish checksums for release artifacts so recipients can manually or automatically verify integrity.
	Harbor Enforce content trust; ensure only signed images are stored and distributed with policy on who can push/pull; require signed artifacts before release.
	Sigstore Policy Controller Kubernetes admission controller enforcing signature/provenance policies before deployment. Admission controller that blocks unsigned/incorrectly signed images; enforces key/issuer/subject policies.
	Kyverno Kubernetes policies that require image signatures, pin by digest, and forbid mutable tags in deployments. Validates signatures and digests for container images before they are deployed.
	OPA Gatekeeper Custom admission control to enforce artifact integrity and trusted signer policies.
	Ratify Pluggable verification framework for OCI registries/images; works with Cosign, Notation, in-toto.
	Connaisseur Kubernetes admission controller dedicated to signature verification and image trust policies.
	Notation Signs OCI artifacts (containers, Helm charts) and verifies them prior to install or deployment.
	Sigstore Cosign Used in CD pipelines or admission hooks to verify signatures and attestations match trusted keys/policies before promotion.

PS.3

Archive and Protect Each Software Release: Preserve software releases in order to help identify, analyze, and eliminate vulnerabilities discovered in the software after release.

To satisfy SSDF PS.3 in a build and deploy context using open-source tools, the focus shifts to:

Build: The emphasis is on capturing, storing, and securing every official release (source, binaries, SBOM, signatures, provenance) in immutable, versioned storage.
Deploy: The emphasis is on ensuring only those archived, protected releases are used in production with immutability, digest pinning, and signature/provenance verification as enforcement mechanisms.

Tasks	Tools
PS.3.1: Securely archive the necessary files and supporting data (e.g., integrity verification information, provenance data) to be retained for each software release. PS.3.2: Collect, safeguard, maintain, and share provenance data for all components of each software release (e.g., in a software bill of materials [SBOM]).
	Git (Release Tagging) Create immutable, signed tags for each release; preserves source snapshot for auditing
	Git LFS Store large binary release artifacts alongside source with integrity checks.
	Nexus Repository OSS OSS Host and version control release artifacts (JARs, binaries, containers) with role-based access and checksum validation.
	JFrog Artifactory OSS Archive build outputs in a controlled, versioned repository; supports checksums and retention policies.
	Harbor Store container images with vulnerability scanning, RBAC, and signed content trust to preserve release integrity. Enforce immutable tags and prevent overwrites so deployed artifacts can always be traced back to the archived copy.
	OSS Review Toolkit (ORT) Archive SBOMs, license files, and vulnerability reports alongside the release for compliance/audit.
	Sigstore Cosign Sign release artifacts before archiving so integrity can be checked later.
	Kyverno Enforce digest-pinned images to ensure deployments always match archived release versions.
	OPA Gatekeeper Policy enforcement to ensure only archived, approved artifacts are deployed.
	Ratify Verifies artifact signatures/attestations against archived release metadata before deployment..
	Connaisseur Admission controller that enforces deployment of only signed images from the archived se
	Backblaze B2 / Rclone (OSS integration) Long-term archival of deployed artifact versions for rollback or investigation.
	SLSA Provenance + Rekor Retain build provenance in a transparency log so deployed releases can be cross-verified with archived originals