Learn Netverks

Supply Chain and Dependencies

Last reviewed Jun 1, 2026 Content v20260601
Track mode: none
Means: Read / quiz
Reading: ~1 min
Level: advanced

This lesson

This lesson teaches Supply Chain and Dependencies: security mindset, common threats, and defensive practices for software teams.

One malicious npm package can compromise thousands of downstream apps.

You will apply Supply Chain and Dependencies in contexts like: Web apps, APIs, CI/CD, and organizational compliance programs.

Read scenario-based lessons, map controls to code you write on other tracks, and complete MCQs—practice threat modeling on paper or in docs.

Take this lesson once the identity, web, and crypto/network fundamentals from the intermediate lessons are familiar.

Attackers compromise the libraries, build tools, or registry packages you import, so the trust you place in upstream becomes the attack path (the SolarWinds build-pipeline compromise is the canonical example of this trust-chain risk).

Habits

  • Commit a lockfile and install from it (npm ci rather than npm install); review every new dependency before adding it
  • Enable 2FA on package registry accounts, for publishers as well as consumers
  • Check new package names for typosquatting (lookalikes of popular libraries) before installing
  • Sign commits and protect the main branch so unreviewed code cannot reach a release
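The two habits that can be automated, typosquat detection and lockfile pinning, as an added example that is not part of the lesson. The popular-package allow-list, the package.json and the package-lock.json below are constructed for this example; the only assumption about npm is the lockfileVersion 3 layout, where the "packages" map is keyed by "node_modules/<name>" and each entry carries "version" and "integrity".

```javascript
// Added example (not from the Learn Netverks lesson): two dependency-hygiene
// checks a team can run in CI over package.json and package-lock.json.
// KNOWN_POPULAR, samplePackageJson and sampleLock are constructed inputs.

// Optimal-string-alignment distance: Levenshtein plus adjacent transposition,
// so "lodahs" is one edit from "lodash" rather than two.
function editDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, () => new Array(b.length + 1).fill(0));
  for (let i = 0; i <= a.length; i++) d[i][0] = i;
  for (let j = 0; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
      if (i > 1 && j > 1 && a[i - 1] === b[j - 2] && a[i - 2] === b[j - 1]) {
        d[i][j] = Math.min(d[i][j], d[i - 2][j - 2] + 1);
      }
    }
  }
  return d[a.length][b.length];
}

// Constructed allow-list: the popular packages this team expects to import.
const KNOWN_POPULAR = ["lodash", "express", "react", "axios", "chalk"];

// Flag names that are a few edits away from a popular package but are not it.
// Exact matches are the genuine package and pass; unrelated names pass too.
function findTyposquatCandidates(depNames, popular = KNOWN_POPULAR, maxDistance = 2) {
  const hits = [];
  for (const name of depNames) {
    if (popular.includes(name)) continue;
    for (const p of popular) {
      const distance = editDistance(name.toLowerCase(), p);
      if (distance <= maxDistance) hits.push({ name, lookalike: p, distance });
    }
  }
  return hits;
}

// A lockfile only pins the build if every declared dependency appears in it
// with one version and a subresource-integrity hash that npm ci verifies.
function checkLockfile(pkg, lock) {
  const problems = [];
  const locked = lock.packages || {};
  for (const name of Object.keys(pkg.dependencies || {})) {
    const entry = locked[`node_modules/${name}`];
    if (!entry) { problems.push(`${name}: missing from lockfile`); continue; }
    if (!entry.version) problems.push(`${name}: no pinned version`);
    if (!/^sha(256|384|512)-/.test(entry.integrity || "")) problems.push(`${name}: no integrity hash`);
  }
  return problems;
}

// Constructed manifests: "lodahs" and "expres" are lookalikes of real packages,
// "lodahs" also lacks an integrity hash, and "leftpad" was never locked.
const samplePackageJson = {
  dependencies: { lodash: "^4.17.21", lodahs: "1.0.0", expres: "0.1.0", leftpad: "1.3.0" },
};
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "node_modules/lodash": { version: "4.17.21", integrity: "sha512-constructedHashA" },
    "node_modules/lodahs": { version: "1.0.0" },
    "node_modules/expres": { version: "0.1.0", integrity: "sha512-constructedHashB" },
  },
};

// Run both checks; a CI job would fail the build when either list is non-empty.
function runChecks(pkg = samplePackageJson, lock = sampleLock) {
  return {
    typosquats: findTyposquatCandidates(Object.keys(pkg.dependencies)),
    lockfileProblems: checkLockfile(pkg, lock),
  };
}

console.log(JSON.stringify(runChecks(), null, 2));
```

Edit distance alone gives false positives on legitimately similar names, so treat a hit as "a human looks at the registry page (publish date, downloads, maintainer, linked repository)" rather than an automatic block; the lockfile check, by contrast, is safe to make a hard CI failure.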

See also: Git signing and branch protection practices.

Important interview questions and answers

  1. Q: What is typosquatting?
    A: A malicious package published under a name that looks like a popular one (for example a misspelling of lodash), counting on developers installing it by mistake.
  2. Q: What is an SBOM?
    A: A software bill of materials: an inventory of the components in a build, so that during incident response you can answer "are we shipping the affected package?" immediately.

Self-check

  1. What is a supply-chain attack?
  2. Name two dependency hygiene habits.

Pitfall: running npm install on a package you have not looked at (publish date, download count, maintainer, linked repository) is how typosquats get in.

Interview tip: can you explain this lesson in 30 seconds without reading your notes?

Discussion

Starter discussion topics

  • What is typosquatting, and how would you detect it before a package reaches production?
  • Why commit a lockfile, and what does it protect against?