Author: Ciara Carey
Word count: 646
Language: English
Hacker News points: None

Summary

The US and UK governments are introducing regulations to secure the software supply chain in response to recent high-profile attacks such as SolarWinds and Codecov. The new regulations aim to raise cybersecurity defenses across the software industry by requiring companies to provide a Software Bill of Materials (SBOM), a record of every component and dependency used to build a piece of software. An SBOM lets end-users perform vulnerability and license analysis and evaluate the risk of the products they use. The regulations also cover secure software development environments, automation tooling, and the use of trusted source-code supply chains. Companies will need to update their CI/CD pipelines to increase visibility and automate security practices, and may be required to provide proof of secure software development and attest to conformity with secure practices.