Sonatype Unveils Full-Spectrum Software Supply Chain Management | Press Release

The 2021 State of the Software Supply Chain Report

Compare the health and maturity of your software supply chain against current development trends in open source dependency management and secure development best practices.

The 2021 State of the Software Supply Chain Report studied software engineering practices from 100,000 production applications and 4,000,000 open source component migrations to uncover the newest trends in modern software development.

This, along with open source supply, demand and security findings associated with the Java (Maven Central), JavaScript (npmjs), Python (PyPI), and .NET (NuGet) ecosystems, exposes fascinating truths about the state of today’s supply chains.

Read this year’s report and uncover how and why: 

  • Production apps utilize only 6% of available projects.
  • 29% of popular project versions contain at least one known security vulnerability.
  • Software developers make suboptimal choices 69% of the time when updating third-party dependencies.
  • Commercial engineering teams only manage 25% of components they use.
  • Automation could save organizations $192,000 a year.
