Open source code provides developers with the shortcuts they need to innovate and iterate faster. But due to a host of open source vulnerabilities, some shortcuts are safer than others. Metaphorically speaking, are your organization’s developers taking a well-lit, mapped-out shortcut, or straying down a mysterious, risky, and foreboding path?
Snyk's "2023 State of Open Source Security Report" explores the adoption of security tools, practices, and technologies, as well as the impact of automation and AI in software development. Drawing on both a survey of security practitioners from organizations across the United States and anonymized Snyk product usage data, the report reveals that the software supply chain is lagging in the adoption of fundamental security measures and tools, such as software composition analysis and static application security testing.
Join this webcast to learn more about the report's key takeaways, including:
• Why supply chain and open source security tools can’t keep up with the pace of development, and why organizations are failing to fully shift left
• How organizations are responding to recent attacks by ramping up their code scanning and SBOM efforts, while adopting more formal software supply chain security programs
• The mixed impact of AI, and how its use can reduce the burden on security-minded developers but also potentially introduce additional vulnerabilities or create false alerts