This guide details several key considerations for securing the software supply chain. On a fundamental level, it explains how to secure applications from upstream risk and how to prevent your organization from generating downstream risk.
Key considerations for securing your software supply chain include
- Is the open source you use secure?
- Is the code you write secure?
- Are you protecting yourself against deliberately inserted malicious code?
- Is your development and delivery infrastructure secure?
- Are the APIs and protocols your applications use to communicate with other systems secure?