Software Supply Chain Security Technical Community Group
The Software Supply Chain Security Technical Community Group (TCG) addresses the security of the software supply chain, from source code to production deployment, including build processes, artifact signing, provenance tracking, and vulnerability management.