Security Engineer

hardsecurity-engineer-supply-chain

What is software supply chain security and how do you reduce risk?

Answer

Supply chain security protects builds and dependencies. Practices: - Pin and verify dependencies - Use SBOMs - Signed builds and provenance - Restrict CI permissions Also monitor for typosquatting and compromised packages and have a fast patch/rollback process.

Related Topics

Supply ChainDevSecOpsSecurity

Related Questions

What is threat modeling and how do you do it in practice?

What are the OWASP Top 10 risks and how do you reduce them in real systems?

How do you run an effective vulnerability management program?

Back to Security Engineer All Professions