Supply Chain Security 101
Everything you need to know about software supply chain security in the age of open source.
- AppSec, Software Supply Chain
What is malicious code? Examples, how it spreads, and how to stop it
Malicious code hides in trusted packages and pipelines. Learn how supply chain verification stops it before it reaches production.
- Software Supply Chain, DevSecOps
What is container runtime security?
Understanding container runtime security best practices can help protect your containerized applications against threats.
- AppSec, Software Supply Chain
Malicious dependency attacks in the software supply chain
Learn about malicious dependencies and how to secure your software systems against them.
- Software Supply Chain, DevSecOps
Managing risk in the software supply chain
Secure your product by understanding risk factors in complex software supply chains, and best practices for mitigating common security vulnerabilities.
- AppSec, Software Supply Chain
Application security assessments: A practical guide
Learn about application security assessments and how they can protect against breaches as modern development becomes more complex.
- Software Supply Chain, DevSecOps
Security automation: Stop chasing vulnerabilities and start preventing them
Security automation can ensure that vulnerabilities in open source components are resolved quickly and efficiently.
- Software Supply Chain, DevSecOps
What is a secure software development lifecycle (SDLC)?
Understand what a secure SDLC is, and how you can integrate secure coding practices into the SDLC to build better applications.
- DevSecOps, Software Supply Chain
What is Software Composition Analysis (SCA)?
Learn what SCA is and how it works: inventory dependencies, map CVEs and licenses, and enforce policy in PRs and CI before release.
- Software Supply Chain, Tools & Buyer’s Guides
Partner Puzzle’s Perspective on Chainguard Containers and Libraries
Puzzle ITC shares how Chainguard’s minimal, source-built container images reduce CVE noise and transform software supply chain security.
- Software Supply Chain
Software supply chain security: Threat vectors & solutions
Understand key supply chain threats and stop them with minimal images, verifiable builds, provenance, and secure-by-default tooling.
- AppSec, Software Supply Chain
The npm registry can’t protect you: The new JavaScript supply chain attacks
npm supply chain attacks are awakening. Learn what they are, how they work, why they're worsening, their business impact, and how to prevent them.
- AppSec, Software Supply Chain
5 real CVE examples, and how to prevent them
Understand key CVE examples, lessons learned, and best practices for reducing vulnerabilities and protecting your organization.