Automated supply chain collection

Pavel Simzicov

Security Engineer
Software Architect
Software Engineer
Bitbucket
Composer (PHP)
Golang
Supply chain security is the part of supply chain management that focuses on the risk management of external suppliers, vendors, logistics and transportation. Its goal is to identify, analyze and mitigate the risks inherent in working with other organizations as part of a supply chain. Supply chain security involves both physical security relating to products and cybersecurity for software and services.
As part of this project, I worked with tools such as Syft and Grype.
Syft - a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
Grype - a vulnerability scanner for container images and filesystems.
I also introduced an automated way to update dependencies. The process works as follows:
check the project for vulnerabilities
update the vulnerable dependencies
create a pull request in Bitbucket with the fixes
notify a Slack channel so that the PR gets approved and released
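The steps above, as an added example that is not the project's own code: a small Python pipeline that reads a Grype JSON report, keeps only findings at or above a severity threshold that have a published fix, reduces them to one upgrade target per package (the lowest version that closes every selected finding), and turns the result into Composer/Go upgrade commands, a Bitbucket PR description and a Slack message body. The Syft and Grype command lines in scan() and the report field layout (matches[].vulnerability / matches[].artifact) are assumptions based on how those tools behave; the sample report is constructed, and the actual Bitbucket and Slack API calls are left to the caller.

```python
"""Added example (not the project's code): Grype report -> upgrade commands,
PR text and Slack payload. Field names follow Grype's JSON output as assumed
here; SAMPLE_REPORT is a constructed stand-in for a real scan."""
import json
import re
import subprocess

SEVERITY_RANK = {"Negligible": 0, "Low": 1, "Medium": 2, "High": 3, "Critical": 4}

# Constructed sample of a Grype JSON report, trimmed to the fields used below.
SAMPLE_REPORT = json.dumps({"matches": [
    {"vulnerability": {"id": "GHSA-xxxx-php-1", "severity": "High",
                       "fix": {"versions": ["1.4.2"], "state": "fixed"}},
     "artifact": {"name": "vendor/http-client", "version": "1.3.0",
                  "type": "php-composer"}},
    {"vulnerability": {"id": "GHSA-xxxx-php-2", "severity": "Medium",
                       "fix": {"versions": ["1.5.0"], "state": "fixed"}},
     "artifact": {"name": "vendor/http-client", "version": "1.3.0",
                  "type": "php-composer"}},
    {"vulnerability": {"id": "GHSA-xxxx-go-1", "severity": "Critical",
                       "fix": {"versions": ["v0.9.1", "v0.10.0"], "state": "fixed"}},
     "artifact": {"name": "example.com/lib/jwt", "version": "v0.8.5",
                  "type": "go-module"}},
    {"vulnerability": {"id": "GHSA-xxxx-go-2", "severity": "High",
                       "fix": {"versions": [], "state": "not-fixed"}},
     "artifact": {"name": "example.com/lib/log", "version": "v2.0.0",
                  "type": "go-module"}},
]})


def load_sample():
    """Return the constructed sample report as a dict (stand-in for scan())."""
    return json.loads(SAMPLE_REPORT)


def _vkey(version):
    """Crude sort key: numeric parts of a version string ("v0.9.1" -> (0, 9, 1))."""
    return tuple(int(n) for n in re.findall(r"\d+", version))


def scan(target):
    """Generate an SBOM with Syft and scan it with Grype (assumed CLI flags;
    both tools must be installed). Returns the parsed Grype JSON report."""
    sbom = subprocess.run(["syft", f"dir:{target}", "-o", "cyclonedx-json"],
                          check=True, capture_output=True, text=True).stdout
    with open("sbom.json", "w") as fh:
        fh.write(sbom)
    out = subprocess.run(["grype", "sbom:sbom.json", "-o", "json"],
                         check=True, capture_output=True, text=True).stdout
    return json.loads(out)


def select_fixable(report, min_severity="Medium"):
    """Keep matches at or above min_severity that have a fix, and collapse them
    to one upgrade target per package: for each finding take its lowest fixed
    version, then take the highest of those so every finding is covered."""
    threshold = SEVERITY_RANK[min_severity]
    per_pkg = {}
    for match in report["matches"]:
        vuln, art = match["vulnerability"], match["artifact"]
        if SEVERITY_RANK.get(vuln["severity"], 0) < threshold:
            continue
        fix = vuln.get("fix") or {}
        if fix.get("state") != "fixed" or not fix.get("versions"):
            continue  # nothing to upgrade to; surface these separately
        entry = per_pkg.setdefault(art["name"], {
            "package": art["name"], "installed": art["version"],
            "type": art["type"], "vulns": [], "fix_to": None})
        entry["vulns"].append(vuln["id"])
        lowest_fix = min(fix["versions"], key=_vkey)
        if entry["fix_to"] is None or _vkey(lowest_fix) > _vkey(entry["fix_to"]):
            entry["fix_to"] = lowest_fix
    return [per_pkg[name] for name in sorted(per_pkg)]


def upgrade_commands(fixes):
    """Map each upgrade target to the package manager that owns it."""
    composer = [f"composer require {f['package']}:{f['fix_to']}"
                for f in fixes if f["type"] == "php-composer"]
    go = [f"go get {f['package']}@{f['fix_to']}"
          for f in fixes if f["type"] == "go-module"]
    if go:
        go.append("go mod tidy")
    return composer + go


def pr_description(fixes):
    """Bitbucket PR body listing every upgrade and the findings it closes."""
    lines = ["Automated dependency update (Grype findings):", ""]
    for f in fixes:
        lines.append(f"- {f['package']}: {f['installed']} -> {f['fix_to']} "
                     f"({', '.join(f['vulns'])})")
    return "\n".join(lines)


def slack_payload(fixes, pr_url):
    """Message body for a Slack incoming webhook; posting it is up to the caller."""
    return {"text": f"{len(fixes)} vulnerable dependencies updated, "
                    f"please review and release: {pr_url}"}


if __name__ == "__main__":
    report = load_sample()  # use scan(".") on a real checkout
    fixes = select_fixable(report, "Medium")
    print("\n".join(upgrade_commands(fixes)))
    print(pr_description(fixes))
    print(json.dumps(slack_payload(fixes, "https://bitbucket.example/pr/1")))
```

Raising the threshold changes the upgrade target, not just the list: with "High" the Composer package is bumped only to 1.4.2, because the Medium finding fixed in 1.5.0 is filtered out, which is the usual reason to keep the threshold at Medium for routine PRs.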