Open Source Code: The Cybersecurity Time Bomb Ticking in Your Software
All companies using open source code in their software are at risk of supply-chain attacks, says new research. Despite a grim outlook, things are improving for application security leaders. Checkmarx’s report shows 100% of surveyed AppSec professionals have faced attacks, but fewer incidents were reported…
Hot Take:
Open source code is like free pizza: it’s great until you realize the toppings include anchovies and malware. With 100% of surveyed AppSec pros having faced a supply-chain attack, it’s clear that while open source is a gift, it’s also the gift that keeps on giving… headaches.
Key Points:
- All companies using open source code are at risk of supply-chain attacks.
- 100% of surveyed AppSec professionals have experienced a software supply chain attack.
- 57% of organizations focus significantly on software supply chain security.
- Over half (54%) are investigating or planning to use a solution for these risks.
- Checkmarx detected over 385,000 malicious open source packages in the last two years.