Research firm Forrester reports on industry, government responses to software supply chain security needs

Industry recognition of the need to invest in software security is growing as CISA increasingly focuses on the issue, according to a research report that identifies software supply chain breaches and vulnerability exploits as the top two sources of external attacks reported by businesses.

“Application security wins in the US included a government-led open source security summit, a proposed bipartisan Securing Open Source Software Act, and the Consolidated Appropriations Act, 2023,” writes Forrester, a research and advisory company, in an...