ESG Analyst Report on Checkmarx Supply Chain Security
To hunt these threats in open source software supply chains, new techniques must look at the health of open source projects, the reputation of contributors, anomalous activity such as sudden changes in package publishing routines, and the results of static and dynamic analysis of package behavior. Performing, consolidating, and analyzing all of this (and more) information is beyond the expertise of the vast majority of organizations. In conclusion, application security tools, specifically Software Composition Analysis (SCA), must incorporate new techniques to meet modern security challenges in the use of open source software. Read the full ESG Showcase, "Comprehensive Open Source Supply Chain Security: Going Beyond SCA and SBOMs".
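As an added illustration of what "sudden changes in package publishing routines" can mean in practice (this is example code, not from the ESG report or from Checkmarx), the script below runs a few heuristics over a constructed release history for a hypothetical package. The fields (version, publish time, publisher, install scripts) are modelled loosely on what a registry document exposes; the package name, the data and the thresholds are assumptions. It goes slightly beyond the text by combining the cadence and publisher checks with a minimal static check for newly added install-time scripts.

```python
"""Heuristic check for sudden changes in a package's publishing routine.

Added example, not from the ESG report or Checkmarx. Runs over a
constructed release history; data, package name and thresholds are
assumptions for illustration only.
"""
from datetime import datetime, timedelta

# Constructed release history for a hypothetical package "example-lib".
# Each entry: version, ISO publish time, publisher account, install-time scripts.
RELEASES = [
    {"version": "1.0.0", "time": "2022-01-10T09:00:00Z", "publisher": "alice", "scripts": {}},
    {"version": "1.0.1", "time": "2022-02-14T10:30:00Z", "publisher": "alice", "scripts": {}},
    {"version": "1.1.0", "time": "2022-04-02T08:15:00Z", "publisher": "alice", "scripts": {}},
    # Eighteen months of silence, then a burst of releases from a previously
    # unseen publisher that introduces a postinstall hook.
    {"version": "1.1.1", "time": "2023-10-20T03:12:00Z", "publisher": "mallory",
     "scripts": {"postinstall": "node ./setup.js"}},
    {"version": "1.1.2", "time": "2023-10-20T03:40:00Z", "publisher": "mallory",
     "scripts": {"postinstall": "node ./setup.js"}},
    {"version": "1.1.3", "time": "2023-10-20T04:05:00Z", "publisher": "mallory",
     "scripts": {"postinstall": "node ./setup.js"}},
]

# Script names that run automatically at install time (npm lifecycle names).
INSTALL_HOOKS = {"preinstall", "install", "postinstall"}


def parse_time(ts):
    """Parse the registry-style UTC timestamp used in the sample data."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")


def publishing_anomalies(releases, dormancy_days=365, burst_window_hours=24, burst_count=3):
    """Return a list of (version, reason) findings.

    Heuristics (thresholds are assumptions for this example):
    - dormancy:           a release after more than `dormancy_days` of silence
    - install_hook_added: an install-time script the previous release lacked
    - new_publisher:      a release by an account not seen in any earlier release
    - burst:              `burst_count` releases inside `burst_window_hours`
    """
    findings = []
    releases = sorted(releases, key=lambda r: parse_time(r["time"]))
    seen_publishers = set()
    prev = None
    for i, rel in enumerate(releases):
        t = parse_time(rel["time"])
        if prev is not None:
            gap = t - parse_time(prev["time"])
            if gap > timedelta(days=dormancy_days):
                findings.append((rel["version"], f"dormancy: {gap.days} days since previous release"))
            hooks_added = (set(rel["scripts"]) & INSTALL_HOOKS) - (set(prev["scripts"]) & INSTALL_HOOKS)
            if hooks_added:
                findings.append((rel["version"], "install_hook_added: " + ", ".join(sorted(hooks_added))))
        # The first release establishes the baseline publisher, so it is never flagged.
        if seen_publishers and rel["publisher"] not in seen_publishers:
            findings.append((rel["version"], f"new_publisher: {rel['publisher']}"))
        seen_publishers.add(rel["publisher"])
        # Burst: report once, at the release that brings the window count to the threshold.
        window_start = t - timedelta(hours=burst_window_hours)
        in_window = sum(1 for r in releases[: i + 1] if parse_time(r["time"]) >= window_start)
        if in_window == burst_count:
            findings.append((rel["version"], f"burst: {in_window} releases within {burst_window_hours}h"))
        prev = rel
    return findings


if __name__ == "__main__":
    for version, reason in publishing_anomalies(RELEASES):
        print(f"example-lib@{version}: {reason}")
```

On the constructed history the quiet 1.0.x/1.1.0 releases produce no findings; 1.1.1 is flagged for dormancy, a new install hook and a new publisher, and 1.1.3 completes a three-release burst. Any one signal alone is weak (maintainers hand projects over, and postinstall hooks are often legitimate), which is why the text stresses consolidating several of them rather than alerting on a single indicator.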
Report Snapshot
- Open Source Software is an established part of modern application development
- Supply Chain Security presents challenges which Application Security Testing must address
- Solutions include new techniques which go beyond generating Software Bills of Materials