Software supply chain attacks pose huge dangers - here's how to bolster your defenses

• 65% of organizations faced supply chain attacks in the past year
• GenAI adoption worsens risks; only 24% analyze AI-generated code for security or IP issues
• Compliance and continuous automation improve remediation speed and defense effectiveness

The software supply chain, an entire network of components, tools, and processes used to develop, build, and deliver software, has evolved into a new, very popular attack surface, granting cybercriminals opportunities to bypass standard defenses and reap disproportionately large rewards from a single compromise.

This is according to “Navigating Software Supply Chain Risk
in a Rapid-Release World”, a new in-depth report published by application security company Blackduck.

Based on a survey of 540 software security leaders, the report states that two-thirds (65%) of organizations experienced at least one supply chain attack in the past 12 months.