BrandPost: Improving Software Supply Chain Security with DevSecOps

Over the past year, there have been several high-profile incidents in which attackers have attempted to compromise enterprises through the software supply chain.

A software supply chain “is anything that goes into or affects your code from development, through your CI/CD pipeline, until it gets deployed into production,” Maya Kaczorowski of Nutanix explains in a GitHub post. “It’s anything and everything that goes into your software, like code, binaries, and other components, and where they come from, like a repository or a package manager.”

To read this article in full, please click here