At Sonatype we've spent a lot of time over the past few years researching and writing about software supply chains. I mean A LOT.
Red Hat is another company that spends a huge amount of time studying and communicating about the same topic. And, as you can see here, they definitely know what they're talking about.
Of course, it's not a surprise that Red Hat would deeply grok the principles of software supply chain management -- after all, they have long practiced remarkable supply chain hygiene (upstream and downstream) in support of their core franchise, RHEL.
Furthermore, as shown below, it should not come as a surprise that Red Hat would have an "Ops-centric" view of the software supply chain process -- beginning with Ops and leading to Dev.
Notwithstanding subtle differences of perspective — Red Hat gets it.
Their early embrace of Kubernetes is proof. Their investment in OpenShift is proof. But most of all, the proof is in the fact that they're partnering with technologies like Nexus Lifecycle to help customers continuously automate open source governance and application security controls across every phase of the modern software supply chain.