Supply Chain Security 101
Everything you need to know about software supply chain security in the age of open source.
- AppSec, Software Supply Chain
What is malicious code? Examples, how it spreads, and how to stop it
Malicious code hides in trusted packages and pipelines. Learn how supply chain verification stops it before it reaches production.
- Software Supply Chain, DevSecOps
What is container runtime security?
Understanding container runtime security best practices can help protect your critical containerized applications against threats.
- AppSec, Software Supply Chain
Malicious dependency attacks in the software supply chain
Learn about malicious dependencies and how to secure your software systems against them.
- AppSec, DevSecOps
Attack Surface Management (ASM): Best practices guide
Learn what attack surface management is, why it matters, and how to reduce risk with modern tools and best practices.
- Software Supply Chain, DevSecOps
Managing risk in the software supply chain
Secure your product by understanding risk factors in complex software supply chains, and best practices for mitigating common security vulnerabilities.
- AppSec, Software Supply Chain
Application security assessments: A practical guide
Learn about application security assessments and how they can protect against breaches as modern development becomes more complex.
- Software Supply Chain, DevSecOps
Security automation: Stop chasing vulnerabilities and start preventing them
Security automation can ensure that vulnerabilities in open source components are resolved quickly and efficiently.
- Software Supply Chain, DevSecOps
What is a secure software development lifecycle (SDLC)?
Understand what a secure SDLC is, and how you can integrate secure coding practices into the SDLC to build better applications.
- AppSec, DevSecOps
A guide to modern vulnerability scanning
Explore the lifecycle of vulnerability scanning, its importance for security and compliance, and tips to improve outcomes across your org.
- DevSecOps, Software Supply Chain
What is Software Composition Analysis (SCA)?
Learn what SCA is and how it works: inventory dependencies, map CVEs and licenses, and enforce policy in PRs and CI before release.
- Software Supply Chain, Tools & Buyer’s Guides
Partner Puzzle’s Perspective on Chainguard Containers and Libraries
Puzzle ITC shares how Chainguard’s minimal, source-built container images reduce CVE noise and transform software supply chain security.
- Software Supply Chain
Software supply chain security: Threat vectors & solutions
Understand key supply chain threats and stop them with minimal images, verifiable builds, provenance, and secure-by-default tooling.