Sonatype State of the Software Supply Chain
The definitive annual report on open-source and software supply chain risk.
The report quantifies the explosion in open-source usage, the rise of malicious packages, and the gap between available fixes and adoption. It is essential reading for AppSec, DevSecOps, and platform teams.
FAQs
Sonatype State of the Software Supply Chain: frequently asked questions
What is Sonatype State of the Software Supply Chain?
Sonatype's State of the Software Supply Chain analyzes open-source consumption, malicious package trends, and dependency risk across millions of projects. Published annually, it is the leading benchmark for software supply chain security.
Where is Sonatype State of the Software Supply Chain based?
Sonatype State of the Software Supply Chain is based in Fulton, MD, USA.
What is Sonatype State of the Software Supply Chain listed under on Cyber Resources?
Sonatype State of the Software Supply Chain is listed in the Research & Reports category of Cyber Resources, the curated directory of the cybersecurity marketing and growth ecosystem.
More Research & Reports
Verizon Data Breach Investigations Report (DBIR)
New York, USA
The Verizon DBIR analyzes thousands of confirmed breaches and security incidents contributed by law enforcement, forensic firms, and cyber insurers to map how breaches happen and who is behind them. Published annually, it is the most widely cited breach benchmark in the industry.
IBM Cost of a Data Breach Report
Armonk, USA
IBM's Cost of a Data Breach Report surveys hundreds of breached organizations across more than a dozen countries to quantify average breach cost, time to identify and contain, and cost factors such as AI governance and shadow AI. Research is conducted independently by the Ponemon Institute.
Mandiant M-Trends
Reston, USA
Mandiant's M-Trends draws on hundreds of thousands of hours of incident-response engagements to report on dwell time, initial infection vectors, and threat-actor tactics. A staple for defenders for more than 17 years, it is now published under Google Cloud.