Making Security a Priority: Critical Findings from the 9th Annual State of Supply Chain Security Report
No matter your role in the software development lifecycle, software security needs to be a critical concern. But with competing interests and restricted budgets, software security often gets pushed to the back burner.
Software supply chain security combines best practices from risk management and cybersecurity to help protect the software supply chain from potential vulnerabilities. The software supply chain is made up of everything and everyone that touches your code in the software development lifecycle (SDLC), from application development to the CI/CD pipeline and deployment.
For 9 straight years, Sonatype’s State of Software Supply Chain Security report has analyzed the challenges associated with protecting your software supply chain from attack and has provided advice and guidance on improving it. During this on-demand conversation, Sonatype CTO Brian Fox and VP of Product Innovation Stephen Magill share key findings from the most recent State of Software Supply Chain Security.
Brian and Stephen talk with Coveros CEO Jeff Payne about:
- What the report’s findings say about organizations’ supply chain security posture
- How best to protect your business from threats associated with open source components, software dependencies, deployment processes and automation, and your custom code
- Where organizations should focus moving forward to encourage a more secure software supply chain
Whether you’re in development, QA/testing, security, DevOps, or management, this conversation will provide valuable insights on how to best protect your software supply chain from attack.