This commit is contained in:
@@ -368,6 +368,17 @@ opa eval -i gate-input.json -d policy/ -f pretty "data.stella.policy.allow"
|
||||
|
||||
---
|
||||
|
||||
## 9) Moats
|
||||
- **Deterministic replay:** Hash-stable scans with frozen feeds and analyzer manifests; replay packs verifiable offline.
|
||||
- **Hybrid reachability attestations:** Graph-level DSSE always; selective edge-bundle DSSE for runtime/init/contested edges with Rekor caps.
|
||||
- **Lattice VEX engine:** Trust algebra across advisories, runtime, reachability, waivers; explainable paths.
|
||||
- **Crypto sovereignty:** FIPS/eIDAS/GOST/SM/PQC profiles and offline mirrors as first-class configuration.
|
||||
- **Proof graph:** DSSE + Rekor spanning SBOM, call-graph, VEX, replay manifests for chain-of-custody evidence.
|
||||
|
||||
See also: `docs/market/competitive-landscape.md` for vendor comparison and talking points.
|
||||
|
||||
---
|
||||
|
||||
|
||||
## 8 · Change Log
|
||||
|
||||
|
||||
Reference in New Issue
Block a user