What is a software supply chain? A software supply chain consists of processes and people making and distributing software. Software supply chain attacks have increased in recent years, demanding better and more robust security in procuring and deploying software. This qualitative systematic literature review was conducted to find methods and techniques that can increase the safety in a software supply chain. The findings were analysed using thematic analysis and the results indicate that there are defence mechanisms that can be used, such as machine learning models that can be trained to detect malicious packages, as well as risk management frameworks to assess, identify, and manage risks, also software security frameworks that help the transparency in code acquisition. This study expands the current body of literature regarding software supply chain security. Furthermore, it gives an overview of defence mechanisms that can be utilised to secure a software supply chain.