The State of Software Supply Chains: A Rapidly Changing Landscape of Open Source
There has been a 742% average annual increase in software supply chain attacks over the past 3 years. Recent exploitations, from Log4j to crypto heists tied to open source repositories, have proven costly, not only in financial terms, but in terms of loss of trust.
Current research on open source - including measuring supply and demand, identifying trends in contribution levels, and exploring security-related challenges and readiness - is a vital resource for the formation of open source strategy and guiding the implementation of best practices.
Download this report to gain more insight into the state of the software supply chain, including:
- In-depth analysis of individual ecosystems such as Java (Maven), JavaScript (npmjs), Python (PyPI), and .NET (NuGet);
- Establishment and expansion of software supply chain regulation and standards;
- Open source dependency management recommendations.