diff --git a/community/publications/supply-chain-security-tools/securing-build-pipelines.md b/community/publications/supply-chain-security-tools/securing-build-pipelines.md
index 760f9ed05..60e8221f5 100644
--- a/community/publications/supply-chain-security-tools/securing-build-pipelines.md
+++ b/community/publications/supply-chain-security-tools/securing-build-pipelines.md
@@ -69,6 +69,7 @@ Here are the list of requirements for securing build pipelines. Each one has a l
 ### Tools
 
 - apko
+- [maven-lockfile](https://github.com/chains-project/maven-lockfile/) for Java/Maven
 
 ## 6. Find and Eliminate Sources Of Non-Determinism