Supply Chain Council of European Union | Scceu.org

Introducing Our 8th Annual State of the Software Supply Chain Report

The software supply chain has definitely been in all corners of the news this year, including , , and . Although the focus is on security concerns, better supply chain management has benefits beyond preventing downtime and data breaches.

The observations presented in our 8th annual State of the Software Supply Chain report dig deeper as we continue our tradition of sharing management insights around the use of open source code in your software development lifecycle. The provided data highlights how better software supply chain management also saves money, improves morale, and accelerates innovation.

Key findings

[Figure: graph showing the sharp growth of software supply chain attacks since 2019]

  • About 6 out of every 7 project vulnerabilities come from a specific type of software dependency known as a “transitive” dependency, that is, a component pulled in indirectly by a dependency you declare rather than one you chose yourself. We look at data-driven selections of the best projects and even the best versions of your projects.

  • Open source project maintainers are not the primary source of security risk; open source consumers are. Our data show a monthly average of 3.4 billion downloads of vulnerable components for which a fixed version is already available.

  • Survey respondents with more mature software supply chain management were 2.7x more likely to report higher job satisfaction:

[Figure: bar graph of job satisfaction against supply chain management maturity]

  • Development teams can cut expensive and tedious upgrade tasks in half by choosing the right dependency and knowing when to upgrade it.

Development Perspectives

Sonatype experts and data researchers analyzed both public and proprietary data sources to illustrate and address trends in supply chain management. We looked at:

  • Ongoing growth of the software supply chain itself and regulatory responses by governments around the world.

  • Poor security trends, with recommendations for teams and the industry.

  • Improved insights.
