Securing the software supply chain is paramount in today's interconnected world. A comprehensive understanding of its vulnerabilities and robust strategies are essential to mitigate risks posed by malicious actors. ASsS, a framework designed for analyzing the security posture of software supply chains, provides valuable insights into potential thre