Sonatype has released its 8th annual State of Software Supply Chain report.

Sonatype’s industry-defining research on the rapidly changing landscape of open source.

Effective software supply chain management could be the difference between a few issues and many problems. Reducing security risks, improving the bottom line, boosting morale, and championing innovation – it doesn’t matter whether an organisation is small or enormous, a secure software supply chain helps with all of these things.

The State of the Software Supply Chain report helps achieve all of the above. This is the 8th year Sonatype has drawn from proprietary and public data sources to illustrate the challenges many companies face when implementing effective software supply chain management.

Open source consumers fail to avoid 1.2 billion vulnerable downloads each month – and this figure is only growing. 

Some of the stats from the report:

• Nearly 1 trillion more packages have been downloaded compared to last year 
• Software supply chain attacks are up 700% over the past three years
• 50% of development upgrade tasks can be cut with the right tools