Software Supply Chain State of the Union
2024

We combined responses from 1,200 Security, Development,
and Ops professionals, analysis from the JFrog Security
Research team, and Artifactory data to understand the state
of software supply chain security. 

Here’s a sample of the findings: 

– The open-source supply chain is exploding with hundreds
of thousands of new packages added in 2023. 

– Organizations need better ways to prioritize remediation
with 85% of Critical CVEs examined reduced in severity by
the JFrog Security Research team. 

– Security tool sprawl is impacting developer efficiency with
up to 25% of time spent on security remediation. 

– Organizations would rather use AI for security than trust
it to write code.

Download Now!

Software Supply Chain State of the Union 2024