security

Supply Chain Security

Software Supply Chain Security

Definition

Software supply chain security encompasses the practices and controls that protect the integrity of code, dependencies, and build processes from source through deployment. Attacks like SolarWinds and XZ Utils demonstrated that compromising a build tool or upstream dependency can affect thousands of downstream consumers.

Key controls include SBOMs, dependency pinning, provenance attestation, and signed artifacts.

Related Terms

SBOM

Software Bill of Materials

SLSA

Supply Chain Levels for Software Artifacts

SCA

Software Composition Analysis

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product