SLSA Framework (Supply-chain Levels for Software Artifacts) Policies

1 template mapped to SLSA Framework (Supply-chain Levels for Software Artifacts).

Advanced Policies: $99.00

Supply Chain Security Policy

Enterprise-grade software supply chain security policy addressing modern threats like SolarWinds, Log4j, and dependency confusion attacks. Covers SBOM requirements (SPDX/CycloneDX), build pipeline security (SLSA Framework), artifact signing (Sigstore), open source security controls, and vendor risk assessment. Aligned with Executive Order 14028, NIST SSDF, and 2025/2026 supply chain regulations.

PDF