ActiveState announced the results of its survey, providing insights into the security challenges of the software industry’s open source supply chain, which includes the security of open source components, as well as the security and integrity of key software development processes. The results point to the fact that software supply chain security is still in its infancy.
Securing the software supply chain encompasses vulnerability remediation and the implementation of controls throughout the software development process. Key development processes include: