Report shows 96% of vulnerable open-source downloads could have been avoided

According to the eighth annual State of the Software Supply Chain Report from Sonatype, the industry's dependence on open-source components has grown sharply, and so has the number of known software supply chain attacks, which have risen by an average of 742% a year over recent years. The report estimates that 1.2 billion vulnerable open-source dependencies are downloaded each month, and that 96% of those downloads had a non-vulnerable version available at the time. In public debate, consumption behaviour, that is, the choices developers make when pulling in components, rather than the conduct of open-source maintainers, is increasingly identified as the main cause of the problem.


A major factor in this trend is the growth of attacks that target the supply chain directly. The researchers report a 633% year-over-year increase in malicious attacks on open-source dependencies, and an average annual increase of 742% in software supply chain attacks since 2019. In short, the supply chain has been under sustained attack for some time, and the trend points to more of the same in the near future.

Hacktivists have always existed, but the rate at which these malicious attacks now occur has become a central problem for organizations and developers worldwide. Because attack patterns keep changing, developers are expected to invest more in software quality so that their software becomes more secure than it has been before.

Reducing vulnerabilities affects job satisfaction as well as project security. A survey of engineering professionals found that respondents from organizations with more experience managing their software supply chains were 2.7 times more likely to be satisfied with their jobs.

Moreover, 68 percent of the software developers surveyed were confident that their applications did not use vulnerable libraries. Yet a random scan of enterprise applications found that 68% of them contained open-source components with known vulnerabilities that attackers could later exploit. The two figures coincide but point in opposite directions: confidence in a dependency set is not the same as having verified it.
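The "96% had a non-vulnerable version available" metric and the gap between developer confidence and scan results both come down to one check: for each pinned dependency, is the pinned version covered by a known advisory, and if so, has a release outside the affected range already shipped? The script below is an added example written for this page, not code from the article or from Sonatype. It audits a requirements.txt-style manifest against a constructed advisory table and a constructed registry snapshot; every package name, version and advisory range in it is made up, and the version parser deliberately handles only plain numeric versions.

```python
"""Added example, not code from the article or from Sonatype: an offline
audit of a pinned dependency manifest against a constructed advisory
table, reporting which vulnerable picks had a non-vulnerable release
available. Package names, versions and advisories are all made up."""
from dataclasses import dataclass
from typing import Dict, List


def parse_version(v: str) -> tuple:
    """'2.14.1' -> (2, 14, 1) so comparisons are numeric, not lexical.
    Pre-release suffixes such as '-rc1' are not handled by this toy parser."""
    return tuple(int(p) for p in v.split("."))


@dataclass(frozen=True)
class Advisory:
    package: str
    affected_from: str    # inclusive lower bound of the affected range
    affected_below: str   # exclusive upper bound, i.e. the first fixed version


# Constructed advisories for hypothetical packages (no real CVE identifiers).
ADVISORIES: List[Advisory] = [
    Advisory("log4shim", "2.0.0", "2.17.0"),
    Advisory("fastjson-lite", "0.0.0", "1.3.0"),
    Advisory("tinyhttp", "0.0.0", "1.0.0"),   # no release at or above 1.0.0 exists
]

# Constructed snapshot of the releases a registry would list for each package.
RELEASES: Dict[str, List[str]] = {
    "log4shim": ["2.14.1", "2.15.0", "2.16.0", "2.17.1"],
    "fastjson-lite": ["1.2.3", "1.3.0", "1.3.2"],
    "tinyhttp": ["0.8.0", "0.9.0"],
    "safe-util": ["3.0.0", "3.1.0"],
}


def is_affected(package: str, version: str) -> bool:
    """True if any advisory's [affected_from, affected_below) range covers version."""
    v = parse_version(version)
    return any(
        parse_version(a.affected_from) <= v < parse_version(a.affected_below)
        for a in ADVISORIES
        if a.package == package
    )


def safe_versions(package: str) -> List[str]:
    """Releases of package that no advisory covers; empty means no fix has shipped."""
    return [r for r in RELEASES.get(package, []) if not is_affected(package, r)]


def parse_manifest(text: str) -> Dict[str, str]:
    """Read 'name==version' lines (requirements.txt style); skip blanks and comments."""
    pins: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, version = line.partition("==")
        pins[name.strip()] = version.strip()
    return pins


def audit(manifest: str) -> dict:
    """Classify each pin: vulnerable, and if so whether a safe release was available.
    share_avoidable is the report's metric: avoidable picks / vulnerable picks."""
    pins = parse_manifest(manifest)
    vulnerable = [p for p, v in pins.items() if is_affected(p, v)]
    avoidable = [p for p in vulnerable if safe_versions(p)]
    share = len(avoidable) / len(vulnerable) if vulnerable else 0.0
    return {
        "vulnerable": vulnerable,
        "avoidable": avoidable,
        "unfixable": [p for p in vulnerable if p not in avoidable],
        "share_avoidable": share,
    }


# Constructed manifest: two avoidable picks, one with no fix available, one clean.
MANIFEST = """
# pinned dependencies (constructed sample)
log4shim==2.14.1
fastjson-lite==1.2.3
tinyhttp==0.9.0
safe-util==3.1.0
"""

if __name__ == "__main__":
    result = audit(MANIFEST)
    for pkg in result["vulnerable"]:
        fix = safe_versions(pkg)
        print(f"{pkg}: vulnerable; "
              + (f"safe releases available: {fix}" if fix else "no safe release yet"))
    print(f"share of vulnerable picks that were avoidable: {result['share_avoidable']:.0%}")
```

On the constructed manifest, three of the four pins are vulnerable and two of those three (log4shim and fastjson-lite) had a fixed release available, so the avoidable share is about 67%; tinyhttp is the case the report's 4% remainder represents, a vulnerable component with no fixed version to move to. In practice the advisory table would come from a vulnerability database and the release list from the package registry, but the classification logic is the same.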

IT managers were 2.4 times more likely to report that security measures are taken seriously and that time is spent improving security within the software to avoid such situations.

Companies need to invest in making things simple for developers, so that they can build secure, fast and maintainable software, innovate more quickly and scale their operations. This includes giving them good hardware so that development performance is not held back.

The eighth annual State of the Software Supply Chain Report from Sonatype draws on 131 billion download requests from Maven Central, survey responses from 662 engineering professionals, and an evaluation of 85,000 popular and complex applications.

As technology keeps advancing, dealing with cyberattacks has undoubtedly become harder.
