The 2020 State of the Software Supply Chain Report blends a broad set of public and proprietary data, along with survey results from over 5,600 professional developers, to reveal important findings, including:
- 430% growth in next-generation cyber attacks actively targeting OSS (Chapter 1)
- 1.5 trillion OSS component download requests (Chapter 2)
- 530x faster time to update dependencies for exemplary OSS projects (Chapter 3)
- 26x faster remediation of vulnerabilities for high-performing teams (Chapter 4)
- 11% of OSS components used in applications have known vulnerabilities (Chapter 5)
For the second year in a row, we’ve collaborated with research partners Gene Kim from IT Revolution and Dr. Stephen Magill, CEO at MuseDev, to examine how high-performing enterprise software development teams successfully balance their performance and risk management practices while assembling applications with open source components.