2023-01-23 ◦ What is software supply chain security?
The supply chain includes networks of information about the software, like the components (e.g. infrastructure, hardware, operating systems (OS), cloud services, etc.), the people who wrote them, and the sources they come from, like registries, GitHub repositories, codebases, or other open source projects. It also includes any vulnerabilities that may negatively impact software security – and that’s where software supply chain security comes in
- A compilation of resources in the software supply chain security domain, with emphasis on open source