We combined responses from 1,400 Security and DevOps professionals, analysis from the JFrog Security Research team, and JFrog Platform data to understand the state of software supply chains today.
Here’s a preview of the findings:
- Open-source risk is exploding with MILLIONS of new packages
- CVE data issues obfuscate vulnerability severity and applicability
- Organizations continue to increase the number of security tools used
- Complete visibility of software provenance eludes many organizations
- The AI software supply chain is booming, but so is the risk