Supply-chain threat model
The trust handoffs from commit to deploy, and how they break.
Supply-chain security is worth a whole course because it is where a single compromise scales to thousands of victims. To defend the chain you first have to see it as an attacker does: a series of trust handoffs from a developer’s commit to a running workload, each of which can be subverted to ship malicious code that inherits legitimate trust.
The chain and its attack surface
The path from source to production has many links: the developer and their credentials, the source repository, the dependencies pulled in, the build system, the artifacts produced, the registry that stores them, and the deploy gate that admits them. An attacker does not need your production database if they can inject code at the build step — it will be signed, distributed, and trusted automatically. SolarWinds injected a backdoor during build; Codecov altered a widely-used script; the 2025 tj-actions compromise turned a popular CI action into a secret-exfiltration tool across countless repos. The lesson is consistent: the pipeline is production, and every link is a target.
developer ── source repo ── dependencies ── build ── artifact ── registry ── deploy│ │ │ │ │ │ │stolen unreviewed malicious/ build unsigned mutable no verifycreds push confused dep injection artifact tag at admission## Compromise ANY link and malicious code can inherit downstream trust.# Defense: make every handoff verifiable — signed, attested, and checked.
From "trust by default" to "verify everything"
The traditional model trusts an artifact because it came from the expected place and carries the expected name — exactly the assumptions these attacks exploit. The modern model treats every artifact as untrusted until it presents verifiable evidence: a signature bound to a known identity, provenance describing how it was built, and an SBOM listing what is inside — all checked at a gate before use. The rest of this course builds that evidence (SLSA, in-toto, Sigstore, SBOMs) and enforces it (admission policy, pipeline hardening).