Skip to main content
Image coming soon

Become the go-to practitioner for SLSA adoption in your organisation

$199.00
Adding to cart… The item has been added

A tailored course, built for your situation

Become the go-to practitioner for SLSA adoption in your organisation

The structured way to lead SLSA integration with confidence and visibility

$199 one-time
24-hour access provisioning 30-day money-back guarantee Hand-built implementation playbook
12 modules. 12 chapters per module. 144 chapters total.
12 modules, each with 12 chapters (144 chapters total), text-based, plus downloadable templates and a hand-built implementation playbook delivered alongside course access.
Being overlooked despite having the right insights

The situation this course is for

Strong ideas on software integrity get ignored without positional authority or repeatable methods

Who this is for

Senior product practitioner driving secure developer workflows

Who this is not for

Entry-level contributors, compliance auditors, or those without influence across engineering teams

What you walk away with

  • Trusted reference for SLSA design decisions across teams
  • Repeatable templates for SLSA Level 2+ implementation
  • Precedent library with real-world build integrity examples
  • Internal advocacy playbook for overcoming adoption friction
  • Recognition as the primary contributor to secure supply chain standards

The 12 modules (with all 144 chapters)

Module 1. Understanding SLSA Fundamentals
Build a concrete foundation in SLSA’s tiers, requirements, and real-world applicability to modern software delivery pipelines.
12 chapters in this module
  1. What SLSA solves in practice
  2. Tier 1 vs Tier 2 distinctions
  3. Build vs source integrity
  4. Provenance metadata essentials
  5. The role of attestations
  6. SLSA vs SBOM overlap
  7. Key stakeholders in adoption
  8. Common misinterpretations
  9. Mapping SLSA to CI/CD
  10. First-party vs third-party builds
  11. Human factors in compliance
  12. Toolchain expectations
Module 2. Designing SLSA-Compliant Workflows
Architect developer workflows that meet SLSA criteria without sacrificing velocity or usability.
12 chapters in this module
  1. CI pipeline hygiene standards
  2. Build platform trust chains
  3. Immutable build logs
  4. Non-forgeable timestamps
  5. Access control boundaries
  6. Separation of duties setup
  7. Reproducibility thresholds
  8. Container build tracking
  9. Branch protection alignment
  10. Approval gate integration
  11. Audit trail completeness
  12. Developer onboarding flow
Module 3. Generating Attestations
Master how to create, store, and validate attestations that meet SLSA’s integrity and authenticity requirements.
12 chapters in this module
  1. Attestation schema breakdown
  2. Signing with Fulcio
  3. Timestamping via Rekor
  4. Attestation storage patterns
  5. Retrieval during audits
  6. Human vs machine attestation
  7. CI job context inclusion
  8. Provenance data fields
  9. JSON structure norms
  10. Signing key management
  11. Verification automation
  12. Supporting tooling
Module 4. Implementing Tiered Compliance
Guide teams progressively from SLSA 0 to SLSA 3 with practical, phased deliverables.
12 chapters in this module
  1. Assessing current maturity
  2. Tier 1 quick wins
  3. Tier 2 readiness checklist
  4. Build environment hardening
  5. Source repository integrity
  6. Author verification methods
  7. Log integrity protection
  8. Preventing tampering
  9. Independent verification
  10. Policy enforcement tools
  11. Achieving reproducibility
  12. Automating compliance checks
Module 5. Advocating for Adoption
Develop communication and influence strategies that make SLSA adoption inevitable, not optional.
12 chapters in this module
  1. Framing for engineering leads
  2. Risk language that lands
  3. Speed vs security balance
  4. Executive summary templates
  5. Peer-level persuasion tactics
  6. Objection handling scripts
  7. Use case packaging
  8. Internal evangelism paths
  9. Success metric definition
  10. Storytelling with data
  11. Building coalition support
  12. Sustaining momentum
Module 6. Integrating with SBOMs
Align SLSA outputs with Software Bill of Materials workflows to strengthen overall supply chain transparency.
12 chapters in this module
  1. SLSA and SBOM overlap points
  2. SPDX compatibility
  3. CycloneDX integration
  4. Attestation embedding
  5. Dependency provenance
  6. Component-level verification
  7. Automated SBOM generation
  8. Linking build to package
  9. Validation during deployment
  10. Security review triggers
  11. Audit preparation uses
  12. Cross-toolchain flow
Module 7. Hardening Build Platforms
Secure the infrastructure where builds occur to support higher-tier SLSA compliance.
12 chapters in this module
  1. Build platform ownership
  2. Immutable OS images
  3. Network isolation
  4. Secrets management
  5. Build container security
  6. Host integrity checks
  7. Remote attestation
  8. Zero-trust principles
  9. Build worker identity
  10. Audit logging depth
  11. Tamper-evident storage
  12. Recovery from compromise
Module 8. Verifying Third-Party Artifacts
Establish practices to validate external components against SLSA standards.
12 chapters in this module
  1. Assessing vendor SLSA claims
  2. Attestation verification steps
  3. Trusted repository patterns
  4. Rekor log lookup
  5. Signing key validation
  6. Provenance data review
  7. Tier achievement confirmation
  8. Gap identification
  9. Remediation workflows
  10. Vendor engagement templates
  11. Escalation thresholds
  12. Reporting upstream issues
Module 9. Creating Internal Standards
Develop clear, enforceable internal SLSA policies tailored to your organisation’s risk profile and technical landscape.
12 chapters in this module
  1. Policy scoping
  2. Enforceability criteria
  3. Alignment with NIST SSDF
  4. Versioning practices
  5. Team-specific exceptions
  6. Compliance evidence types
  7. Automated policy checks
  8. Audit readiness planning
  9. Executive sign-off process
  10. Training obligations
  11. Documentation standards
  12. Review cycles
Module 10. Leading Cross-Team Initiatives
Orchestrate SLSA adoption across multiple engineering units with consistency and minimal friction.
12 chapters in this module
  1. Stakeholder mapping
  2. Champion network setup
  3. Pilot project selection
  4. Feedback loops
  5. Scaling lessons
  6. Team-specific onboarding
  7. Toolchain integration
  8. Progress tracking
  9. Incentive alignment
  10. Conflict resolution
  11. Governance committee role
  12. Sustainability planning
Module 11. Preparing for Audits
Assemble documentation and evidence trails that confidently demonstrate SLSA compliance.
12 chapters in this module
  1. Evidence collection checklist
  2. Attestation archives
  3. Build log retention
  4. Provenance storage
  5. Access control logs
  6. Third-party verification records
  7. Policy adherence proof
  8. Remediation history
  9. Timeline reconstruction
  10. Q&A preparation
  11. Internal dry runs
  12. External auditor expectations
Module 12. Sustaining and Evolving Compliance
Keep SLSA practices alive and adaptive as tooling, threats, and organisational needs change.
12 chapters in this module
  1. Change impact analysis
  2. Version upgrade planning
  3. Toolchain evolution
  4. Threat landscape updates
  5. Policy refresh cycles
  6. Team turnover onboarding
  7. Automation maintenance
  8. Incident response integration
  9. External standard alignment
  10. Feedback integration
  11. Metrics refinement
  12. Leadership reporting

How this maps to your situation

  • Leading internal SLSA adoption
  • Designing secure CI/CD pipelines
  • Advocating for stronger supply chain standards
  • Preparing for security audits

Before vs. after

Before
SLSA insights remain informal and inconsistently applied across teams
After
You are the recognised authority driving consistent, auditable SLSA adoption

What's included with your purchase

  • 12 modules with 12 chapters each (144 chapters)
  • Downloadable templates and worked examples for every module
  • Hand-built implementation playbook delivered alongside course access
  • 30-day money-back guarantee

Delivery and format

  • Course and learning environment access provisioned within 24 hours of purchase
  • Hand-built implementation playbook delivered alongside course access

Format: Text-based modules and chapters in the Art of Service learning environment, plus downloadable templates and worked examples for every chapter, plus the hand-built implementation playbook delivered alongside course access.

Time investment: Approximately 60 minutes per week over 12 weeks, designed to fit around core responsibilities

If nothing changes
Without intentional positioning, critical security initiatives default to external consultants or get implemented without your input

How this compares to the alternatives

Unlike generic security courses, this program delivers specific, actionable frameworks for SLSA implementation, tested in real product-led engineering environments.

Frequently asked

Who is this course for?
Senior product and engineering practitioners leading or influencing secure software delivery practices.
How is the course structured?
12 modules, each containing 12 chapters (144 chapters total).
Will this help me gain visibility in my organisation?
Yes, by mastering SLSA implementation, you position yourself as the go-to internal expert for secure supply chain standards.
$199 one-time. Approximately 60 minutes per week over 12 weeks, designed to fit around core responsibilities.

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.

30-day money-back guarantee· 144 chapters· Hand-built playbook included· Account access within 24 hours