Glossary

Supply Chain Attack

An attack that targets software dependencies, build tools, or CI/CD processes to compromise an application upstream of its distribution. Supply chain attacks (SolarWinds, xz-utils, event-stream) affect thousands of organizations simultaneously. Dependency verification and code signing are the primary defenses.
