SSCA onboarding guide
This guide explains what you need to know to get started using Harness SSCA.
Complete Harness Platform onboarding
If you're new to Harness, review the Harness Platform onboarding guide and Harness Platform key concepts before onboarding to SSCA.
Learn about Harness SSCA concepts and features
Learn about the features, components, and key concepts of Harness SSCA:
Use SSCA
| Feature | Works with Harness Code Repository | Works with Harness CI (using Harness Pipeline's Build Stage) | Works with Harness CD (using Harness Pipeline's Deploy Stage) | Works with 3rd Party Code Repo/CI/CD (using Harness Pipeline's Security Stage) |
|---|---|---|---|---|
| Generate or ingest SBOM, followed by SBOM drift detection & SBOM scores | Y | Y | Y | Y |
| Enforce OSS usage with SBOM governance policies | Y | Y | Y | Y |
| Generate SLSA provenance | Y | Y | N | N |
| Verify SLSA provenance with SLSA governance policies | Y | Y | Y | Y |
| Create and manage Remediation Trackers | On Roadmap | On Roadmap | Y with Live Tracking | Y without Live Tracking |
Tutorials
Tutorials go into detail on specific use cases for SSCA.