Which of the following BEST mitigates the risk of a software supply chain attack, such as the SolarWinds-type attack?
-
A
Requiring vendors to use only open-source software
-
B
Implementing software bill of materials (SBOM) reviews and code integrity verification before deployment
-
C
Banning all software updates from third-party vendors
-
D
Using a single antivirus product on all systems