For enterprise security professionals alarmed about the rising number of supply chain attacks, a report released this week by Google and supply chain security firm Chainguard has good news: Devsecops best practices are becoming more and more common.
The recent prevalence of supply chain attacks—most notably the SolarWinds attack, which affected numerous large companies in 2021—has brought the topic into prominence. The Google-Chainguard report, though, found that many supply chain security practices recommended by the major frameworks are already in place among software developers, based on an ongoing “snowball” survey of 33,000 such developers over the past eight years.