Software supply chain attacks are an enterprise-wide risk, and traditional application security testing tools are leaving organizations exposed — and mired in outdated security strategies. These are the key findings of recent survey of 321 IT professionals, conducted by Dimensional Research.
What does this mean for your organization? The tooling gap — and a lack of maturity in approach — is leaving companies exposed to the increasing risks highlighted by recent attacks, including those on 3CX and CircleCI.
Chris Wilder, research director at TAG Cyber, reviewed the survey’s findings with ReversingLabs field CISO Matt Rose. Their analysis is included in new report, the Software Supply Chain Security Risk Report.
Here are key highlights from the report — and an explanation of why you need to upgrade your app sec tools and supply chain security approach.
[ Get report: Software Supply Chain Security Risk Report | Join related Webinar: Does Your Organization Understand Its Software Supply Chain Risk? ]
Traditional app sec tools alone don’t cut it
Tools such as static and dynamic application security testing (SAST and DAST) and software composition analysis (SCA) are…
