Securing Global Software Supply Chains

The increasingly global nature of software development has raised concerns that global supply chains could be compromised, allowing malicious code to be inserted into a delivered software product during development, or enabling a compromised product to be substituted during delivery or installation. However, the intentional exploitation of software vulnerabilities inadvertently introduced during development continues to be the most attractive means of an attack.