Evidence as an Input

kosli logo
Kosli
Dec 16, 2025
Kosli

Evidence isn’t something you produce at the end — it’s something every control generates for the next one.

In this video, Mike Long (CEO & Co-founder, Kosli) explains how vulnerability scans produce evidence tied to the artifact fingerprint and the policy file used, and how that evidence becomes an input to downstream controls like release approvals.

This is the core of reusable, continuous compliance.

👉 Download the secure SDLC process template:
https://www.kosli.com/secure-sdlc-process-template/

⏱ Video Timeline

00:00 – Every control has inputs

00:01 – Example: vulnerability scan inputs

00:23 – Fingerprint + policy file

00:33 – Recording the test result

00:51 – Storing in a system of record

01:08 – Querying evidence by fingerprint

01:20 – Using evidence as inputs for release controls

🔗 Links
✅ Secure SDLC process template: https://www.kosli.com/secure-sdlc-process-template/

✅ Visit Kosli: https://www.kosli.com/

Copyright © 2026 OpsMatters™. All rights reserved.