The Ongoing Struggle: Enterprise Software Supply Chain Security
Log4j, maybe more than any other security issue in recent years, thrust software supply chain security into the limelight, with even the White House weighing in.
Some of those may be in libraries that aren’t even used when the container is in production, but they are vulnerabilities nevertheless.
According to Slim.ai’s latest Container Report, the average organization now deploys well over 50 containers from their vendors every month (and almost 10% deploy more than 250).
Yet only 12% of the security leaders who responded to Slim.ai’s survey said they were able to achieve their own vulnerability remediation goals.
Most companies, for example, see some disruptions multiple times a week because they detect a vulnerability in a production container.