Open source and third-party component use is growing. The number of “hands,” pieces and parts that contribute to the life of an application is also increasing. Anything that goes into your code and anyone contributing to it is a link in the supply chain. Your software supply chain risk is inherited from your dependencies. Lack of control and awareness of exactly what’s in your code and where/who it comes from creates the possibility for security vulnerabilities and license compliance risk anywhere in the development life cycle.
Given the increasing complexity of the software supply chain, regulations are popping up worldwide: PCI Secure SW Standards, EU Secure Supply Chain for IoT, European Union Agency for Cybersecurity, OpenChain and the U.S. federal government’s cybersecurity executive order, to name a few.
What does it all mean and where is it headed?
In this webinar, Alex Rybak, Director of Product Management at Revenera, uncovers: