Supply chain Architecture Patterns
RCCE students will learn software and hardware supply chain security including vendor risk assessment, third-party code analysis, dependency management, build pipeline integrity, and supply chain attack detection. RCCE students will learn to evaluate supply chain risks across software development lifecycles, implement software bill of materials (SBOM) practices, verify code signing and artifact integrity, detect compromised dependencies and malicious packages, configure dependency scanning in CI/CD pipelines, assess vendor security posture, and respond to supply chain compromise incidents such as dependency confusion, typosquatting, and upstream repository attacks. This architecture course teaches secure system design using proven patterns, guardrails, and reference architectures. Building on core knowledge, RCCE students will learn to evaluate design options against security requirements, make informed trade-off decisions, and build systems that are resilient by design. Students gain the architectural thinking skills needed for security engineering and solution design roles.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Supply chain Architecture Patterns
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for learning objectives
- Execute hands-on tasks for core competencies — covering Evaluate supply chain risks across SDLCs, SBOM generation and analysis.
- Execute hands-on tasks for evaluate supply chain risks across sdlcs — covering SBOM generation and analysis.
- Execute hands-on tasks for operational skills — covering dependency scanning in CI/CD, vendor security posture.
- Execute hands-on tasks for configure dependency scanning in ci/cd — covering vendor security posture.
- Design a scalable privilege management architecture with policy and enforcement, including Evaluate design options against security needs, and Make informed trade-off decisions.
- Execute hands-on tasks for supply chain security fundamentals
- Execute hands-on tasks for what is supply chain security?
- Execute hands-on tasks for why it matters now — covering Protecting all inputs to software delivery, 700% increase in supply chain attacks.
- Execute hands-on tasks for software supply chain anatomy
- Execute hands-on tasks for source layer — covering VCS repositories, Developer.
| Module 01 | Supply Chain Architecture Patterns |
| Module 02 | Learning Objectives |
| Module 03 | Core Competencies |
| Module 04 | Evaluate supply chain risks across SDLCs |
| Module 05 | Operational Skills |
| Module 06 | Configure dependency scanning in CI/CD |
| Module 07 | Architecture Thinking |
| Module 08 | Supply Chain Security Fundamentals |
| Module 09 | What Is Supply Chain Security? |
| Module 10 | Why It Matters Now |
| Module 11 | Software Supply Chain Anatomy |
| Module 12 | Source Layer |
| Module 13 | Dependency Layer |
| Module 14 | Build Layer |
All hands-on labs run on Rocheston Rose X OS. Students practice supply chain architecture patterns by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Design a scalable privilege management architecture with policy and enforcement
- Lab 2: Execute hands-on tasks for learning objectives
- Lab 3: Execute hands-on tasks for core competencies
- Lab 4: Execute hands-on tasks for evaluate supply chain risks across sdlcs
- Lab 5: Execute hands-on tasks for operational skills
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Supply chain Architecture Patterns, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI