Supply chain security is ever more important to manage when working on software projects. This talk will illuminate attack surfaces of modern PHP applications beyond the security of the application code itself. This guide will help you improve supply chain security in your composer projects in concrete practical steps and you will learn about Composer's architecture and features that impact supply chain security.