The Supply Chain Catalog (Platform knowledge base) is Cortex Cloud's centralized registry of Cortex Cloud supported supply-chain tools and their associated risk factors. The catalog is distinct from the inventory displayed on the Supply Chain Tools page, which lists tools detected in your environment. Some tools may be displayed in both inventories - for example if you use Semgrep, which is also included in the catalog.
Use case
Use the catalog to cross-reference against your inventory to identify coverage gaps, assess exposure, and benchmark your security posture before integrating new tools or to replace existing ones that may be at risk.
How to access the Supply Chain Catalog
To access the Supply Chain Catalog, select → → .
Supply Chain Catalog inventory
This inventory includes a list of all supply chain tools in the Catalog. The inventory table properties are identical to the Supply Chain Tools inventory table. For information about these properties, refer to Supply Chain Tools.
Expanded Supply Chain catalog information
When you click a tool's entry in the inventory table, a side card opens to display detailed information. The information is organized into three tabs:
Overview: Provides a summary of the tool's key details and is the default view
Vulnerabilities Lists any associated security vulnerabilities (CVEs)
Actions: Outlines available mitigation options for the tool
The details provided in these tabs are identical to the details displayed in the expanded Supply Chain Tool Catalog. For information about these properties, refer to Expanded Supply Chain tool information.