Deploying software to your internal systems or sending releases to external customers is a process that ideally follows strong security requirements in an end-to-end manner. In a perfect world, every software release should come with at least the following guarantees In the world of CI/CD we are mostly interested in binary artifacts and how they were created all the way from the initial release up until they reach production.