Home Resources Software Supply Chain Security Knowledge Center

Software Supply Chain Security Knowledge Center

Software Supply Chain Security

Software Supply Chain Risks

Software Supply Chain Attacks

NIST SSDF Framework

SLSA Cybersecurity Framework

Software Composition Analysis

Software Supply Chain Security Best Practices

SDLC Security Best Practices

Mastering Software Supply Chain Security: A Comprehensive Guide to Discovery and Risk Mitigation

From Trust to Evidence Based continuous compliance in SSC

The Good, Bad & Beautiful: Software Supply Chain Trust, Risk & Compliance

Securing the Software Development Lifecycle and Supply Chain

Navigating Software Supply Chain Risk and Trust: The CISO Perspective

How to Secure Your Software Supply Chain

What must you do to secure your SSC in the US vs the EU?

Should you trust AI to protect your software supply chain

Improve Your Supply Chain Security Pipeline

The power of evidence-based attestations in software supply chain security

From Application Security to Software Supply Chain Security – Whitepaper

Software Supply Chain Security: All You Need To Know

Building transparent trust for the entire software supply chain with a security trust hub

SolarWinds CISO shares lessons learned & practical steps to secure your software supply chain

5 Things you should know to secure your software supply chain

Continuous Assurance and Software Supply Chain Security

Improving The Trust In The Software Supply Chain

Defending Against Recent Software Supply Chain Attacks: Lessons and Strategies

Would you go to battle without a map?

The Impact of AI on Software Supply Chain Security

Software Supply Chain Security: The Top 7 Best Practices You Need to Know

Practical Steps Towards Protecting Your MLOps Pipeline

What is ASPM?®

CI/CD Security Best Practices

How To Uphold Security Standards in the SDLC and Address SSDF Requirements

Using SBOM and Feeds Analytics to Secure Your Software Supply Chain

Striking Balance: Redefining Software Security with ‘Shift Left’ and SDLC Guardrails

A Secret Encounter in the Software Supply Chain

How To Avoid CVE Burnout and Alert Fatigue in Vulnerability Scans?

What Happens When an AI Company Falls Victim to a Software Supply Chain Vulnerability

Using the 3CX Desktop App Attack To Illustrate the Importance of Signing and Verifying Software

How Confident Are You With What’s Really Happening Inside Your CI/CD Pipeline? The Elements You Should Be Securing, and How

The story of the OpenSSL patch 3.0.7 and the lessons you can learn from it

From Vulnerability to Victory: Defending Your CI/CD Pipeline

What does the future hold for VEX? And how would it affect you?

From Application Security to Software Supply Chain Security: A Fresh Approach Is Needed

GitHub vulnerabilities parallel research

Graph for Understanding Artifact Composition (GUAC): Key highlights

Taking software supply chain security to the next level with the latest OMB memo

Don’t be the weakest link: The role of developers in securing the software supply chain

IconBust, a new NPM attack

What’s hiding in your code?

GitHub Cache Poisoning

Continuous Assurance: An Integral Practice for Software Supply Chain Security