Supply Chain Security

Practices for securing the software supply chain, including SBOM generation, dependency management, artifact signing, and provenance tracking.

DevOpsDataEngineeringGenerativeAIReliabilityMachineLearningAIInfrastructureCI/CDFrontendEngineeringMicroservicesCloudSecurityDeveloperExperienceDevSecOpsCloudArchitectureCloudNativeEvent-DrivenObservabilitySecurityArchitectureAIGovernanceAPIDesignApplicationSecurityCloudMigrationComplianceCostOptimizationDataGovernanceLegacyModernizationServerlessWebPerformanceDataArchitectureDeploymentStrategyDesignSystemsIncidentResponseInfrastructureasCodeKubernetesNLPPlatformEngineeringSystemDesignTestingStrategyAIAgentsAICostOptimizationDataQualityDataSecurityDataStorageEdgeComputingIdentityManagementMulti-CloudRealTimeDataSupplyChainSecurityAnalyticsAnalyticsEngineeringDataPrivacyDatabaseMigrationDesignTokensDisasterRecoveryE-CommerceFinOpsGitOpsProgressiveWebAppsServiceMeshThreatModeling
Supply Chain Security DevSecOps

Software Supply Chain Security

Running npm audit is not a software supply chain security program. Modern applications are mostly third-party code.

Read Article →
Supply Chain Security DevSecOps

Secure Software Supply Chain: SBOM and Provenance

Vulnerability scanners are not enough. You need cryptographic provenance verification across your entire build pipeline.

Read Article →