Unpacking the CNCF Software Supply Chain Security Best Practices Whitepaper
by Cole Kennedy, James Bohrman
| Tuesday, Aug 3, 2021
| Security Supply Chain Security CNCF
Introduction The increasing frequency of software supply chain attacks over the past few years has seen a lot of attention directed at the open source software that secures the software build process. Although the number of successful exploits is relatively small, the ramifications of these successful exploits are often far-reaching and catastrophic, and they have the potential to entice further attacks.
Despite the increasing importance of addressing these vulnerabilities, there is still somewhat of a blind spot when it comes to processes and mitigation strategies for addressing supply chain vulnerabilities.