Ideas
Tags
Archive
Search /

Topics

security-operations 3
governance 3
supply-chain 2
identity 2
devsecops 1
zero-trust 1
threat-modeling 1
security-engineering 1
weekly-review 1
detection-engineering 1
incident-response 1
vendor-risk 1
secure-by-design 1

Dates

June 2026 3
May 2026 2
April 2026 2
March 2026 2

All archive dates

Recently Tended

Software Supply Chain as an Adversary Playbook Jun 11, 2026
Zero Trust as Verify-Everywhere, Not VPN Replacement Jun 10, 2026
Attack Trees for Structured Threat Modeling Jun 8, 2026
Security Review Cadence as Operational Memory May 29, 2026
Detection Engineering as a Feedback Loop May 9, 2026

Garden Key

🌱 Seedling — a fresh, fragile thought
🌿 Budding — growing, gaps remain
🌳 Evergreen — proven in real use

Tagged

#supply-chain

2 notes grow under this tag.

Software Supply Chain as an Adversary Playbook

Modern breaches increasingly enter through dependencies and build pipelines rather than production apps.

🌱 Seedling supply-chaindevsecops Jun 11, 2026
Vendor Risk Triage for Small Teams

Small teams need a vendor risk process that quickly separates critical dependencies from routine suppliers.

🌱 Seedling vendor-riskgovernancesupply-chain Mar 22, 2026

Field Notes A personal knowledge wiki — ideas distilled from books, papers, conversations, and courses.

Ideas
Tags
Archive
RSS

Tended by Tony · 2026