A recent survey on supply chain security practices found that some practices are widely adopted but key practices are lagging behind. The survey was based on the Supply-chain Levels for Software Artifacts (SLSA) framework.
Read full article on InfoQ