Software supply-chain security is one aspect of cybersecurity that affects every sizable application out there and also every organization that uses web apps and APIs. Application frameworks and libraries make up much of the running code base of modern software—and it only takes one vulnerable or compromised component to create a critical security gap.

In this episode, Frank Catucci and Dan Murphy go into supply-chain security and look at several high-profile breaches caused by insecure components and dependencies. In the fiction segment, Alice the head dev realizes that vulnerable library the CISO is asking about is used in lots and lots of places...