The discovery of supply chain vulnerabilities, such as the SolarWinds cyberattack and the Log4j security flaw, has brought attention to the need for organizations to protect themselves against these threats. Few organizations have complete transparency into their software supply chain, which includes third-party dependencies, open source scripts, contractors, and other components involved in developing an application. To address this issue, MongoDB has implemented various safeguards throughout its software development life cycle, including testing, securing third-party software, using security tools to scan source code, and promoting the use of software bills of materials (SBOMs) to provide visibility into individual components and dependencies. By taking these measures, organizations can improve their software supply chain security and protect themselves against vulnerabilities that malicious actors may exploit.