Gain insight on three important topics:

  • Why a regularly updated software bill of materials by software vendors will be a non-negotiable requirement for at least half of enterprise software buyers by 2024.

  • How mature organizations are expanding open-source management to include assessments of the overall health of the software based on provenance and support.

  • Why attackers are targeting open-source repositories with malware to infect organizations earlier in the software supply chain.


1 November 2019, Gartner, Inc., Technology Insight for Software Composition Analysis, Dale Gardner.

DISCLAIMER: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of opinions of Gartner's research organization and should not be constructed as statements of fact. Gartner disclaims warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.