Future of Digital Innovation and DevSecOps: Understanding and Securing the Attack Vectors of the Modern Software Supply Chain
This IDC Perspective provides insights into the various dimensions of the software supply chain that can be attacked by bad actors, with actionable insight into practices and tools for helping to secure the software supply chains."There has been an exponential increase in the number of software supply chain breaches in recent years as bad actors view it as a soft target for attack," said Jim Mercer, research vice president of DevOps and DevSecOps, IDC. "This growing threat of software supply chain attacks should compel organizations to examine their application software supply chains and do what they must to harden them to avoid being breached."
Please Note: Extended description available upon request.
- Executive Snapshot
- Situation Overview
- Alignment with Broader Business Outcomes
- Implications of the Software Supply Chain
- Top Investment Priorities
- Advice for the Technology Buyer
- Identity and Access Management
- Authentication
- Role-Based Access Control
- Secrets
- Discovery
- Management
- Open Source
- Embedded Open Source Software
- SCA and SBOM
- SBOM Management
- Open Source Project Intelligence
- Source Code
- Source Code Management Configuration
- Everything as Code
- Code Reviews
- Code Leakage
- Software Provenance
- Build
- Standardized Pipelines
- Autonomous Build Steps
- Secure Base Images
- Deterministic Builds
- Consider the Composition of the Entire Pipeline
- Deploy
- Infrastructure as Code Security
- Cloud Security Posture Management
- Patching Vulnerabilities
- Runtime Dynamic SBOMs
- Standards
- General Guidance
- Learn More
- Related Research
- Synopsis
Research Assistance
Learn how to effectively navigate the market research process to help guide your organization on the journey to success.
Download eBook