With the recent shake-up around CVE funding and broader questions about long-term support for cybersecurity infrastructure, one thing is clear: controlling what you can is more important than ever. This is abundantly clear in modern software development practices which rely heavily on CI/CD systems, which in turn serve as the primary conduit from a developer’s local environment to production. The adoption of DevOps practices and the proliferation of microservices have greatly diversified the CI