@@ -27,6 +27,16 @@ Each card is a fast read pairing the headline capability with the evidence that
- **Evidence:** Quota tokens verify locally using bundled public keys, and Offline Update Kits include mirrored advisories, SBOM feeds, and VEX sources.
- **Why it matters:** You stay within predictable limits, avoid surprise throttling, and operate entirely offline when needed.
## 6. Signed Reachability Proofs (Hybrid)
- **What it is:** Every reachability graph is sealed with a graph-level DSSE and optional edge-bundle DSSEs for runtime/init/contested edges; Rekor-backed when enabled.
- **Evidence:** CAS layout `cas://reachability/graphs/{hash}` + `{hash}.dsse`; edge bundles capped and sorted; quarantine/dispute uses per-edge revocation. See `docs/reachability/hybrid-attestation.md`.
- **Why it matters:** You can prove (or contest) exactly why a vuln is reachable, replay results offline, and avoid flooding transparency logs.
## 7. Competitive Moats (2025-11 refresh)
- **What it is:** Deterministic replay, lattice VEX, sovereign crypto profiles, proof graph, and hybrid reachability attestations held as first-class product pillars.
- **Evidence:** `docs/market/competitive-landscape.md` distils a 15-vendor comparison; `03_VISION.md` lists moats; `docs/reachability/lead.md` details the reachability proof moat.
- **Why it matters:** Clear differentiation guides roadmap and sales; keeps us focused on replayable, sovereign, and explainable security.
### Explore Further
- Walk the first deployment in [quickstart.md](quickstart.md).
- Dive into architectural flows in [high-level-architecture.md](high-level-architecture.md).
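Review bot: In section 6 the "Why it matters" bullet promises offline replay, and the "Evidence" bullet says quarantine/dispute relies on per-edge revocation, but nothing in the hunk says how a disconnected verifier learns about those revocations; since the earlier bullet already describes Offline Update Kits carrying mirrored advisories, SBOM feeds and VEX sources, the Evidence bullet should state whether edge revocations ship in the same kit (or point to the section of `docs/reachability/hybrid-attestation.md` that covers it), otherwise an offline replay can report an edge as reachable after it has been revoked. Two smaller points: in section 7, `03_VISION.md` is cited without a path while its neighbours use `docs/...` paths, so either give it its path or link it the way the "Explore Further" entries do; and "Rekor-backed when enabled" in section 6 would be clearer if the same bullet said what the default is, since "avoid flooding transparency logs" reads differently depending on whether logging is on or off out of the box.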