Filed under: Supply Chain (3 entries)
Security · 6 min read
Investigating the Trivy Supply Chain Compromise with AI Agents
How I used AI-assisted investigation to triage the trivy-action supply chain attack across my homelab repos — and some thoughts on weekend incident response and community notification gaps.
Supply Chain · 10 min read
NodeShield: Runtime SBOM Enforcement Stops 98% of Supply Chain Attacks
NodeShield enforces SBOMs at runtime using CBOM policies to prevent supply chain attacks. Homelab Docker deployment guide with attack simulations, 98.3% prevention rate, and <1ms overhead.
Automation · 11 min read
Automated Security Scanning Pipeline with Grype and OSV
Build automated security scanning pipelines with Grype, OSV, and Trivy—integrate vulnerability detection into CI/CD workflows with actionable reporting.