---
url: "https://xcademia.com/courses/supply-chain-security-sbom"
title: "Supply Chain Security & SBOM"
description: "Learn SBOM, SLSA, and CI/CD security in this 2-day mentor-led course with practical labs on dependency scanning and secure software supply chains."
publishedAt: "2026-03-25T12:22:29.608047+00:00"
updatedAt: "2026-03-30T22:50:53.7265+00:00"
type: course
code: "CYB-0110"
level: Practitioner
duration_days: "2"
track: "Secure Engineering & AppSec"
category: "Cybersecurity & Ethical Hacking"
credential_tier: tier1
price_gbp: "1799"
---

# Supply Chain Security & SBOM

> Learn to secure software supply chains using SBOMs, SLSA, and secure development frameworks. Build practical skills in dependency risk management and CI/CD protection through mentor-led sessions and scenarios.

## Overview

The Supply Chain Security & SBOM programme is a mentor-led course designed to help professionals secure modern software delivery pipelines. With increasing reliance on third-party components and open-source dependencies, understanding and managing supply chain risk is essential for maintaining secure and resilient systems.

Through practical scenarios, learners will explore key frameworks such as SLSA and secure software development practices aligned with SSDF principles. The course introduces Software Bill of Materials (SBOM) concepts and demonstrates how organisations can gain visibility into dependencies and vulnerabilities across their environments.

Participants will gain hands-on experience with dependency scanning tools, CI/CD pipeline security, and risk mitigation strategies. By the end of the programme, learners will be able to implement end-to-end supply chain security controls and contribute to secure software engineering and DevSecOps initiatives.

## Prerequisites

- Basic understanding of software development
- Familiarity with CI/CD concepts
- Interest in security and DevOps

## What you will learn

- Analyse software supply chain risks
- Design SBOM-based visibility strategies
- Implement SLSA-aligned build security
- Evaluate dependency vulnerabilities effectively
- Communicate supply chain risks to stakeholders
- Lead secure CI/CD implementation practices

## Skills you will gain

- SBOM creation and management
- SLSA framework application
- Dependency vulnerability scanning
- CI/CD pipeline security
- Secure development practices
- Risk mitigation strategies

## Career progression

- DevSecOps Engineer
- Security Engineer
- Software Engineer
- Cloud Engineer

## Curriculum

1. **Module 1: Getting Ready**
   - Supply chain security overview
   - Lab setup and tooling introduction
2. **Module 2: Software Supply Chain Fundamentals**
   - Understanding supply chain risks
   - Third-party dependency challenges
   - Attack vectors and case studies
3. **Module 3: SBOM (Software Bill of Materials)**
   - SBOM concepts and standards
   - Generating and managing SBOMs
   - SBOM use cases in organisations
4. **Module 4: SLSA Framework and Secure Builds**
   - SLSA levels and requirements
   - Build integrity and provenance
   - Applying SLSA in pipelines
5. **Module 5: Secure Software Development Framework (SSDF)**
   - SSDF principles and practices
   - Secure coding and validation
   - Integrating SSDF into workflows
6. **Module 6: Dependency Scanning and Risk Management**
   - Vulnerability scanning tools
   - Managing open-source risks
   - Remediation strategies
7. **Module 7: Securing CI/CD Pipelines**
   - Pipeline security best practices
   - Secrets management
   - Access control and automation
8. **Module 8: Monitoring and Governance**
   - Continuous monitoring approaches
   - Policy enforcement and compliance
   - Incident response considerations

## Exam & certification

You will receive an Xcademia certificate of completion based on participation and successful completion of labs and scenario simulations.

## Delivery options

- **Live Online** — Join live instructor-led sessions from anywhere. Interactive, engaging, and flexible.
- **Onsite Training** — We come to you. Training delivered at your workplace for teams of 6 or more.
- **Venue-Based** — Classroom training at a professional venue. Ideal for focused, immersive learning.
- **Blended** — Combine online and in-person learning for maximum flexibility and impact.

## Frequently asked questions

**What is an SBOM and why is it important?**

An SBOM provides visibility into software components, helping manage risks and vulnerabilities.

**Is this course suitable for developers?**

Yes, it is highly relevant for developers, DevOps, and security professionals.

**Will I gain hands-on experience?**

Yes, the course includes practical labs and real-world scenarios.

**Do I need prior security knowledge?**

A basic understanding of development and CI/CD is sufficient.

**What roles can this course lead to?**

It supports roles in DevSecOps, security engineering, and cloud security.

## Course at a glance

| Field | Value |
| --- | --- |
| Code | CYB-0110 |
| Duration | 2 days |
| Level | Practitioner |
| Track | Secure Engineering & AppSec |
| Category | Cybersecurity & Ethical Hacking |
| Credential tier | tier1 |
| Price (GBP) | £1799 |

---

## About this content

This Markdown course profile is the citation-grade twin of [Supply Chain Security & SBOM](https://xcademia.com/courses/supply-chain-security-sbom). It is published by **Xcademia** (UK Companies House 12322710) and is available for AI search engines and large language models to index, summarise, and cite.

When citing or quoting, please attribute *Xcademia* and link back to the source URL above.

- Source: https://xcademia.com/courses/supply-chain-security-sbom
- Publisher: Xcademia — https://xcademia.com
- Catalogue index: https://xcademia.com/llms-full.txt
