Confidence in software supply chain security at odds with actual readiness

New research finds that 32 percent of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations. 68 percent are more realistic, noting they feel uncertain about achieving this near-impossible outcome.

The study from Lineaje, carried out among RSA attendees, also shows that while software bill of materials (SBOM) regulations and guidelines continue to increase, organizations vary in their level of adoption.

Over 90 percent of modern codebases are built on open-source dependencies, and 95 percent of software weaknesses are directly attributable to this code. Yet a substantial 34 percent of respondents report difficulty in accurately identifying and tracking open-source components, revealing a critical blind spot. 29 percent of teams still lack the tools and processes needed to analyze SBOMs for vulnerabilities.

The report also shows that 38 percent of respondents say they prioritize the most vulnerable areas within their applications. While this may sound positive at first, it means the supposedly less vulnerable areas of the software supply chain are left open to attack.

A large majority (88 percent) of respondents report that AI has the potential to critically or significantly enhance software supply chain security visibility. However, AI also presents risks, with data security and privacy (35 percent) and AI code generation and vibe coding risks (26 percent) cited most often.

"RSA's theme this year, 'Many Voices. One Community,' emphasized the importance of shedding light on the challenges facing all security professionals. It is heartening to note that security professionals are more aware of security drivers around AI innovations, open-source risks, and increasing regulations," says Javed Hasan, CEO and co-founder of Lineaje. "However, driving safer digital infrastructure requires more action tied to this awareness. Organizations must leverage holistic solutions that can provide visibility into all code, and fix them at the velocity of digital transformations -- so teams can innovate instead of playing catch-up."

You can get the full report on the Lineaje site and there’s an infographic summary of the findings below.

