Securing the software supply chain

As the infamous SolarWinds attack showed, it’s no longer sufficient to just write secure code, you need to ensure that you understand the security risks throughout your entire software supply chain: whether that’s compilers, containers or the tools used to manage deployment pipelines.