Today, nearly every sizable company operates as a software company, with software driving diverse businesses and expanding into physical objects via the Internet of Things. However, despite its ubiquity, software remains insecure. While secure development practices are known, many organizations haven't adopted them. Open source and agile methodologies introduce new risks, exemplified by the SolarWinds attack. A survey highlights lax security practices, with software often released with flaws and minimal auditing. This raises concerns about future supply chain compromises and attacks.

Join for free to read