Supply chain security Playbook for Teams
RCCE students will learn software and hardware supply chain security including vendor risk assessment, third-party code analysis, dependency management, build pipeline integrity, and supply chain attack detection. RCCE students will learn to evaluate supply chain risks across software development lifecycles, implement software bill of materials (SBOM) practices, verify code signing and artifact integrity, detect compromised dependencies and malicious packages, configure dependency scanning in CI/CD pipelines, assess vendor security posture, and respond to supply chain compromise incidents such as dependency confusion, typosquatting, and upstream repository attacks. This team-oriented course builds collaborative workflows and organizational playbooks for security operations. At an expert level, RCCE students will learn to create and implement standardized procedures that enable consistent performance across team members and shifts. Students develop the documentation, communication, and coordination skills needed for effective team-based security operations.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Supply chain security Playbook for Teams
- Execute hands-on tasks for supply chain security
- Execute hands-on tasks for playbook for teams
- Explain Course Overview and Learning Objectives fundamentals
- Execute hands-on tasks for core knowledge areas — covering Software supply chain lifecycle, Vendor risk assessment frameworks.
- Execute hands-on tasks for team competencies — covering Collaborative security workflows, Standardized operating procedures.
- Execute hands-on tasks for operational skills — covering Dependency scanning in CI/CD, Code signing and artifact verification.
- Execute hands-on tasks for dependency scanning in ci/cd — covering Code signing and artifact verification.
- Execute hands-on tasks for advanced outcomes — covering Architecture tradeoff analysis, Automation pattern design.
- Execute hands-on tasks for supply chain security fundamentals
- Execute hands-on tasks for what is supply chain security? — covering Securing all components in delivery path, Software, hardware, services, people.
- Execute hands-on tasks for why it matters now — covering Exponential third-party dependency growth, Nation-state targeting of supply chains.
- Execute hands-on tasks for the modern software supply chain
| Module 01 | Supply Chain Security |
| Module 02 | Playbook for Teams |
| Module 03 | Course Overview and Learning Objectives |
| Module 04 | Core Knowledge Areas |
| Module 05 | Team Competencies |
| Module 06 | Operational Skills |
| Module 07 | Dependency scanning in CI/CD |
| Module 08 | Advanced Outcomes |
| Module 09 | Supply Chain Security Fundamentals |
| Module 10 | What Is Supply Chain Security? |
| Module 11 | Why It Matters Now |
| Module 12 | The Modern Software Supply Chain |
| Module 13 | Source Code |
| Module 14 | Build System |
All hands-on labs run on Rocheston Rose X OS. Students practice supply chain security playbook for teams by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for supply chain security
- Lab 2: Execute hands-on tasks for playbook for teams
- Lab 3: Explain Course Overview and Learning Objectives fundamentals
- Lab 4: Execute hands-on tasks for core knowledge areas
- Lab 5: Execute hands-on tasks for team competencies
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Supply chain security Playbook for Teams, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI