Key Insights

There has been an
astonishing  742% average annual increase in Software Supply Chain attacks over the past 3 years.
3.4 Billion Vulnerable Downloads are Avoidable Each Month.
More Mature
Software Supply Chain Management Equates with More Job Satisfaction.
It’s time for a data-driven reality check.

Effective software supply chain management could be the difference between a few issues and an overwhelming amount of problems. Reducing security risks, improving the bottom line, boosting morale, and championing innovation–it doesn’t matter whether an organization is small or enormous, a more secure software supply chain helps all of these things become reality.

The State of the Software Supply Chain Report exists to help you achieve all of the above. We studied dependency update patterns for thousands of open source projects, analyzed hundreds of survey responses, and got critical of commonly-held beliefs about managing risk over the past year. 

Get the most effective practices and the data to back them up, including: 

  • Nearly 1 trillion more packages have been downloaded compared to last year 
  • 50% of development upgrade tasks can be cut with the right tools
  • Insights on choosing the best dependencies for your projects.
  • Updates on Executive Order (EO) 14028 guidance and its worldwide impact