In this hands-on session we will apply Detection-as-Code principles to securing the software supply chain. The session will utilize GitHub and AWS log sources, where participants will learn how to write detections in Python as well as use a Security Data Lake for threat hunting and detection hypotheses. In addition to learning to write detections participants will learn best practices for securing code and DevOps processes to mitigate new threats facing dev organizations.