In an era dominated by digital dependencies, the software supply chain plays a pivotal role in shaping the technology landscape. As consumers, we often download and integrate various packages to enhance the functionality of our applications. NuGet is a package manager for the Microsoft development platform. However, as we embrace the convenience of integrating third-party packages, it becomes imperative to address the potential vulnerabilities they bring into the software supply chain.
Software applications are no longer built entirely from custom code. Instead, they are made up of a variety of third-party components, including open-source libraries, frameworks, and modules. These components are often referred to as dependencies. The software supply chain is the process of managing these dependencies and their security risks.

Prerequisites:

- Visual Studio (Code)
- .NET SDK installed
- Have this repository cloned on your local machine

In this workshop, you will learn how to secure your NuGet packages and mitigate potential security risks in your software supply chain.
Get started by going to the next step: 01. knowing-your-dependencies.md