Supply Chain Attack

Compromise of a trusted software vendor, update channel, or third-party library to distribute malicious code to downstream customers through legitimately signed artifacts.

Triage

1 procedure
P1

Scope a Supply-Chain Compromise

~90 min

Containment

2 procedures
P1

Roll Back and Block the Compromised Release

~120 min
P1

Contain Compromised Serverless Function

~90 min
Sponsored

Collection

2 procedures
P1

Collect Kubernetes Control-Plane Audit Trail

~120 min
P1

Collect Serverless Execution and Management Evidence

~90 min

Analysis

1 procedure
P2

Analyze the Supply-Chain Backdoor Payload

~240 min

Post-Incident Review

1 procedure
P2

Vendor & SBOM Governance Review

~180 min