Sinkendes Sicherheitslevel et verschärfte Rahmenbedingungen belasten Developer

The new State of Open Source Security 2024 report is an overview of current trends in the software industry and supply chain security of open source projects.

Anzeige

Three individuals identified Security Platform Manager Snyk, responsible for the overall security development platform, in our document. Demnach geraten Teams durch steigende Sicherheitsanforderungen zunehmend unter Druck, was dazu führt, dass Sicherheitsmaßnahmen seltener umgesetzt werden. 52 Prozent der Teams schaffen es gelmäßig nicht, ihre SLA-Ziele (Service Level Agreement) zu erfüllen. A combination of stagnierenden Sicherheitsmaßnahmen, fehlenden Resources and wachsenden Anforderungen führt ferner zu einer Ermüdung in Sachen Anwendungssicherheit. This is Snyk’s intervention and the latest security practices, one of those security measures to take into account.

Also the Anfälligkeit for Supply-Chain-Angriffe steigt, de viele Unternehmen nur unzureichend auf die Absicherung ihrer Lieferketten vorbereitet sind. This is a more modern approach to security practice, such as SBOM verification, artifact signing, and pipeline protection. Therefore, überwachen beispielsweise nur 62.4 Prozent der Unternehmen ihre SBOM (Software Bill of Materials). And the abhängigkeit of veralteten ansätzen erhöht die Angriffsfläche, inbesondere in Cloud-nativen Umgebungen.

It is therefore likely that artificial intelligence will attack fragmented teams, leading to security issues or licensing issues. Another false version is in KI-generierten Code spielt eine Rolle.

Open Source software can be used by owners for more in-depth applications

The report was compiled based on a frequent study: The Open-Source community has a strong global chance in the field of science and technology and has been integrated into a high reaction as a proprietary software project.

For the organizers of the expedition, the preventive security agents and security funds of the goods portfolios must be ensured effectively. This is a fundamental security practice, better prioritization in business management, clear rich lines for validation and testing of KI generic code, or from government and teams, as well as only basic methods for understanding, a Burnout to do it.

The report is written at the Angaben von rund 450 Befragten aus dem Bereich Anwendungsentwicklung und Sicherheit, mit Sitz in den den USA, Kanada and dem Vereinigten Königreich. The document on page 12 allows you to register for the download and download it.

(WHO)