At Sonatype we've spent a lot of time researching and writing about software supply chains over the past few years. I mean A LOT.
Red Hat is another company that spends huge amounts of time studying and communicating about the same topic. And, as you can see here, they definitely know what they're talking about.
Of course, it's not surprising that Red Hat would deeply grasp the principles of software supply chain management. After all, they have long practiced remarkable supply chain hygiene (upstream and downstream) in support of their core franchise, RHEL.
Furthermore, as shown below, it should not come as a surprise that Red Hat would have an "Ops-centric" view of the software supply chain process, beginning with Ops and leading to Dev.
Notwithstanding subtle differences of perspective — Red Hat gets it.
Their early embrace of Kubernetes is proof. Their investment in OpenShift is proof. But most of all, the proof is that they're partnering with technologies like Sonatype Lifecycle to help customers continuously automate open source governance and application security controls across every phase of the modern software supply chain.