In this episode of ConversingLabs Podcast, host Carolynn van Arsdale welcomes North Carolina State University Professor Laurie Williams and Ph.D. student Sivana Hamer to discuss their team’s research on the effectiveness of software supply chain security (SSCS) frameworks. Their study, “Closing the Chain,” (PDF) found that software products would still be vulnerable to attacks like SolarWinds, Log4j and XZ Utils – even if they fully enforced 10 well-known SSCS frameworks published by government, industry, academia and open source.