DOP 111: What Are Software Supply Chain Attacks?

<p>#111: Ever since Alex Birsan published his Dependency Confusion article in February 2021, the concept of the software supply chain has come to the forefront. The supply chain should not be a new concept to people, but many seemed to have been caught off guard. Today we talk about Alex's article along with a new project that allows you to manage your supply chain security in Tekton.</p> <p> </p> <p><a href= "https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610"> https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610</a></p> <p><a href= "https://security.googleblog.com/2021/06/verifiable-supply-chain-metadata-for.html"> https://security.googleblog.com/2021/06/verifiable-supply-chain-metadata-for.html</a></p> <p><a href= "https://cloud.google.com/blog/products/identity-security/how-were-helping-reshape-software-supply-chain-ecosystem-securely"> https://cloud.google.com/blog/products/identity-security/how-were-helping-reshape-software-supply-chain-ecosystem-securely</a></p> <p><a href= "https://portswigger.net/daily-swig/software-supply-chain-attacks-everything-you-need-to-know"> https://portswigger.net/daily-swig/software-supply-chain-attacks-everything-you-need-to-know</a></p> <p><a href= "https://www.cisa.gov/publication/software-supply-chain-attacks">https://www.cisa.gov/publication/software-supply-chain-attacks</a></p> <p><a href= "https://www.whitesourcesoftware.com/resources/blog/software-supply-chain-attacks/"> https://www.whitesourcesoftware.com/resources/blog/software-supply-chain-attacks/</a></p> <p><a href="https://deps.dev/">https://deps.dev/</a></p> <p> </p> <p>YouTube channel:</p> <p><a href= "https://youtube.com/devopsparadox/">https://youtube.com/devopsparadox/</a></p> <p> </p> <p>Books and Courses:</p> <p>Catalog, Patterns, And Blueprints</p> <p><a href= "https://www.devopstoolkitseries.com/posts/catalog/">https://www.devopstoolkitseries.com/posts/catalog/</a></p> <p> </p> <p>Kubernetes Chaos Engineering With Chaos Toolkit And Istio</p> <p><a href= "https://www.devopstoolk