From Innovation to Infiltration: Safeguarding Against the Hidden Dangers in Your Software Ecosystem
We combined responses from 1,200 Security, Development, and Ops professionals, analysis from the JFrog Security Research team, and Artifactory data to understand the state of software supply chain security. Here’s a sample of the findings:
- The open source supply chain is exploding, with hundreds of thousands of new packages added in 2023
- Organizations need better ways to prioritize remediation: 85% of the Critical CVEs examined were reduced in severity by the JFrog Security Research team
- Security tool sprawl is impacting developer efficiency, with up to 25% of time spent on security remediation
- Organizations would rather use AI for security than trust it to write code