This talk will cover the end-to-end use cases for sigstore, a free keyless signing service, in a software supply chain framework (SLSA, NIST SSDF). We will cover the key technologies and goals such as immutable audits and real-time continuous compliance.