The Unified Platform Built on Salmon — Providing Execution Provenance with Enterprise Security and Governance
Archipelo establishes a deterministic record of how software is produced across human developers, AI copilots, and agents — with security findings, policy, and governance controls built on Salmon, the execution provenance protocol.
How the Platform Works
Software is no longer produced by a single developer. It is created through ordered sequences of actions spanning humans, AI copilots, autonomous agents, and CI/CD pipelines — that together produce a single outcome.
Archipelo, powered by Salmon, records this activity into a deterministic execution record as development happens.
It answers four questions: 1) what was the sequence of actions that occurred, 2) how was the outcome produced and through which path, 3) which specific developer, copilot, pipeline, or agent was responsible, and 4) what does the record mean for security, policy, and governance.
Archipelo assembles this record automatically and surfaces it for engineering and security teams.
Powered by Salmon —
The Execution Provenance Protocol
Salmon establishes a deterministic execution chain across every step of software production — a canonical record from which responsibility is derived, not reconstructed from logs or telemetry.
Explore Salmon
A New Infrastructure Layer in the Software Stack
Archipelo defines a new system layer — Execution Provenance and Attribution — that sits between execution systems and security/governance tooling.
Developer Security Posture Management (DevSPM) is the security, policy, and governance layer for multi-actor software production. Powered by Salmon, the execution provenance protocol, DevSPM links developer identity and actions to software security risks — providing deterministic attribution across human developers, AI copilots, and agents.
Enabling Autonomous Software
Production at Scale
The system starts at the individual developer level — and expands into a full control layer covering teams and the entire organization.
- OSS (Salmon)
Local Execution · Individual Causality
A developer runs Salmon locally and uses it for debugging agentic workflows. - Team
Shared Execution · Cross-Actor Causality
Multi-actor causality covering teams, agents, multiple repos and environments. - Enterprise (DevSPM)
Governed Execution · Policy + Control
The Archipelo platform provides enterprises with the security & governance controls — enforcing rules across human developers, AI copilots, and agents.
Get Started
Verify how your software was produced — across human developers, AI copilots, and agents. Archipelo provides the system of record for execution attribution, security, and governance across software production.
Request a Demo