---
type: Glossary Term
title: SLSA (Supply-chain Levels for Software Artifacts)
description: "SLSA — pronounced \"salsa\" — is an open security framework that defines verifiable integrity and provenance guarantees for software artifacts. It started at Goog"
resource: "https://www.contextstudios.ai/glossary/slsa"
category: security
language: en
timestamp: "2026-06-25T12:03:47.024Z"
---

# SLSA (Supply-chain Levels for Software Artifacts)

SLSA — pronounced "salsa" — is an open security framework that defines verifiable integrity and provenance guarantees for software artifacts. It started at Google and is now maintained under the OpenSSF (Open Source Security Foundation). SLSA lays out a ladder of increasing assurance levels that describe how confidently you can prove an artifact — a container image, an npm package, a compiled binary — actually came from the source code and build process it claims, and was not tampered with along the way.

At the heart of the framework sits provenance: a signed, machine-readable attestation that records which source produced which artifact, through which build system. The levels climb from basic build provenance up to hardened, tamper-resistant build platforms whose attestations cannot be forged.

SLSA is a direct countermeasure to supply chain attacks. Teams that require provenance and verify it before deployment can catch swapped-in or compromised dependencies before they ever reach production. That matters most in AI agent pipelines, which pull in third-party packages, models, and tools at scale: SLSA closes the trust gap between the code a team believes it is running and the artifact it actually executes.
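The "require provenance and verify it before deployment" step described above, as an added example (not code from the page or from the SLSA project): a small policy check over an in-toto Statement carrying SLSA v1 provenance. The artifact bytes, builder id, source URI and policy values are all constructed for illustration. The example assumes the DSSE envelope signature has already been verified against the build platform's public key (for instance by a Sigstore-style tool) and only shows the policy decisions that follow: the subject digest must bind the statement to the exact bytes about to run, the builder must be one the team trusts, and the source must match the repository the team expects.

```python
"""Policy check over a SLSA build provenance statement (constructed example)."""
import hashlib
import json

# Constructed artifact bytes standing in for a real package or image layer.
ARTIFACT = b"example artifact contents"
ARTIFACT_DIGEST = hashlib.sha256(ARTIFACT).hexdigest()

# Constructed in-toto Statement carrying SLSA provenance (v1 layout). In a real
# pipeline this is the payload of a DSSE envelope whose signature has already
# been verified against the build platform's key; that step is assumed here.
# All URIs are placeholders, not real builders or repositories.
PROVENANCE = json.dumps({
    "_type": "https://in-toto.io/Statement/v1",
    "subject": [{"name": "pkg.tar.gz", "digest": {"sha256": ARTIFACT_DIGEST}}],
    "predicateType": "https://slsa.dev/provenance/v1",
    "predicate": {
        "buildDefinition": {
            "buildType": "https://example.invalid/build-types/container/v1",
            "externalParameters": {
                "source": {"uri": "git+https://example.invalid/org/repo@refs/heads/main"}
            },
        },
        "runDetails": {"builder": {"id": "https://example.invalid/builders/hosted/v1"}},
    },
})

# Deployment policy chosen by the consuming team (constructed values).
POLICY = {
    "trusted_builders": {"https://example.invalid/builders/hosted/v1"},
    "expected_source_prefix": "git+https://example.invalid/org/repo@",
}


def verify_provenance(artifact: bytes, statement_json: str, policy: dict) -> list:
    """Return a list of policy failures; an empty list means the artifact passes.

    Checks: statement and predicate types, the subject digest binds the
    statement to these exact bytes, the builder is trusted, and the source
    matches what the policy expects.
    """
    failures = []
    try:
        stmt = json.loads(statement_json)
    except json.JSONDecodeError as exc:
        return [f"provenance is not valid JSON: {exc}"]

    if stmt.get("_type") != "https://in-toto.io/Statement/v1":
        failures.append("unexpected statement type")
    if stmt.get("predicateType") != "https://slsa.dev/provenance/v1":
        failures.append("unexpected predicate type")

    # Binding: the attestation must name the digest of what is about to run,
    # otherwise a swapped-in artifact could ride on someone else's provenance.
    actual = hashlib.sha256(artifact).hexdigest()
    subjects = stmt.get("subject") or []
    if not any(s.get("digest", {}).get("sha256") == actual for s in subjects):
        failures.append("subject digest does not match artifact")

    predicate = stmt.get("predicate", {})
    builder_id = predicate.get("runDetails", {}).get("builder", {}).get("id")
    if builder_id not in policy["trusted_builders"]:
        failures.append(f"untrusted builder: {builder_id!r}")

    source_uri = (predicate.get("buildDefinition", {})
                  .get("externalParameters", {})
                  .get("source", {})
                  .get("uri", ""))
    if not source_uri.startswith(policy["expected_source_prefix"]):
        failures.append(f"source does not match policy: {source_uri!r}")

    return failures


if __name__ == "__main__":
    print("matching artifact:", verify_provenance(ARTIFACT, PROVENANCE, POLICY))
    print("swapped artifact:", verify_provenance(b"tampered", PROVENANCE, POLICY))
```

The check deliberately reports every failing rule rather than stopping at the first one, so a deployment gate can log the full reason an artifact was rejected. Because the subject digest check is computed over the bytes actually being deployed, an attacker who replaces the artifact after the build cannot reuse the original attestation.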
