We surveyed 368 IT, cybersecurity, and application development professionals at organizations in North America (US and Canada) responsible for evaluating, purchasing, and utilizing developer-focused security products.

Omdia view

Summary

Organizations are challenged with increased vulnerability across the software supply chain and with understanding how to effectively mitigate risk in light of recent targeted attacks. Organizations need effective software supply chain security solutions that can support the demands of cloud-native development.

Research report

Software is increasingly composed of open source software (OSS), with the majority of organizations reporting that it constitutes more than half of their code composition. Reusing existing third-party code to build and run applications saves developers time, but security teams need to understand those software components in order to put processes in place to secure the applications.

Consequently, many organizations are worried about having a high percentage of code that is open source, with some expressing concerns about the specific possibility of being victims of hackers targeting popular/commonly used OSS. Organizations are challenged with increased vulnerability across the software supply chain and with understanding how to effectively mitigate risk in light of recent targeted attacks. Organizations need effective software supply chain security solutions that can support the demands of cloud-native development.

To gain further insight into these trends, we surveyed 368 IT, cybersecurity, and application development professionals at organizations in North America (US and Canada) responsible for evaluating, purchasing, and utilizing developer-focused security products.

Research Report: The Growing Complexity of Securing the Software Supply Chain

 

Appendix

Further reading

Explore the survey results

Watch a video summary

Read the research brief

Author

Melinda Marks, Practice Director, Cybersecurity
