Skip to content

Krishna's Tech Blog

All Posts Learning Certifications Notices

Krishna's Tech Blog

Practical engineering knowledge from years of building real systems.

232 articles · 1,340 flashcards · 67 decks

Content

All Articles
Salesforce
AWS
Search

Learning

Flashcards
Quizzes
Certifications
Reading List

More

Notices
Glossary
Site Stats
RSS Feed

© 2026 Krishna's Tech Blog. Built with Next.js.Site Stats·RSS

←All articles

Banner for Software Supply Chain Security: SBOMs, Signing, and SLSA in Practice

Security13 min read

Software Supply Chain Security: SBOMs, Signing, and SLSA in Practice

Software supply chain attacks went from theoretical to routine in the past few years. SolarWinds, Log4Shell, the xz backdoor -- each one taught the industry that the code you depend on is the code you're vulnerable through. Here's how to actually defend against this with SBOMs, signing, and the SLSA framework.

KP

Krishna Patil

March 16, 2026

Share

#security#supply-chain#sbom#sigstore#slsa#signing

SeriesPart 103 of 172

Engineering Craft

TypeScript, CI/CD, databases, observability -- the skills that make code production-ready.

Previous

Container Orchestration Beyond Kubernetes: Nomad, ECS, and When K8s Is Overkill

Next

Engineering Org Reorgs: How to Survive Them and What Actually Changes

More in Security

TOCTOU Race Conditions: When Checking Isn't the Same as Doing

12 min read

TLS Handshake Explained: What Every Engineer Should Actually Know

13 min read

Threat Modeling for Engineers: STRIDE in Practice

12 min read

Study This Topic

AWS Cognito & Authentication

20 cards · intermediate

AWS IAM & Security

20 cards · intermediate

Salesforce Security Model

20 cards · intermediate

Older

SLOs and Error Budgets: SRE in Practice

Newer

Sorting in 2026: Why Quicksort Lost to Timsort and Pdqsort