当前位置:首页 >英文主页 >中英对照 > 报告详情

SlashData:2024软件供应链管理中的威胁研究报告:软件构建与维护组织所面临的主要风险(英文版)(19页).pdf

上传人: Y**** 编号:490273 2024-12-31 19页 1.03MB

下载:

1、Threats in software supply chain managementThe main risks faced by organisations that build and maintain software2About SlashDataAbout Developer NationDeveloper Nation is a global developer community,committed to creating a space where all software creators can set the right foundations for their ca

2、reer,learn how they stack up against emerging software development trends,get tips and discover opportunities for professional growth as well as plan wisely their next moves.Our vision is to empower developers to shape the future!devnationworldSlashData is the link between the developers and the org

3、anisations that serve them.We bring you all the data to understand who developers are,what they need and expect from your product and how you can engage with them.We reach out to developers to hear their views across 11 development areas:Web apps,Mobile apps,Desktop apps,Cloud/Backend services,AR/VR

4、,Games,IoT,ML/AI&Data Science,Embedded software,Apps/extensions for 3rd-party platforms,DevOps and more!Understand developers.Inspire the future of technology.SlashData Ltd.Swan Buildings(1st floor)20 Swan Street Manchester,M4 5JW+44 161 240 0603www.slashdata.coSlashDataHQ3Can I share data from this

5、 report?1.License GrantThis report is licensed under the Creative Commons Attribution-NoDerivatives Licence 4.0(International).Put simply,subject to the terms and conditions of this license,you are free to:Share You can reproduce the report or incorporate parts of the report into one or more documen

6、ts or publications,for commercial and non-commercial purposes.Under the following conditions:Attribution You must give appropriate credit to SlashDataTM,and indicate if changes were made.In that case,you may do so in any reasonable manner,but not in any way that suggests that SlashDataTMendorses you

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
本文主要探讨了软件供应链管理中的威胁以及不同组织规模和行业面临的威胁类型。主要观点如下: 1. 只有三分之一的DevOps专业人士表示他们的组织在过去一年中没有面临任何威胁。最常见的威胁是第三方库或组件中的软件漏洞,影响35%的DevOps专业人士。 2. 随着组织规模的扩大,第三方相关威胁、供应链攻击、勒索软件事件和内部威胁的发生率显著增加。例如,大型企业(1000+员工)面临的第三方库或组件漏洞比小型企业(2-50员工)高出近40%。 3. 政府、国防、金融、银行、医疗保健、政府、保险等行业内部威胁的风险最高,可能是因为这些行业的员工接触敏感数据或资源,以及高赌注性质的操作可能激励内部威胁者寻求经济利益或造成声誉损害。 4. 政府、国防部门由于遗留系统的普遍存在,面临未修补或易受攻击的软件组件的威胁率最高,这可能是由于遗留系统通常过时、昂贵且易受黑客攻击。 5. 数据分析和硬件产品行业以及教育和学术/科学研究部门对数据泄露和知识产权盗窃的易感性较高,因为这些行业拥有有价值的知识产权、敏感的研究数据和大型数据仓库,这些可能吸引寻求经济或战略优势的攻击者。
软件供应链威胁有哪些? 组织规模如何影响软件供应链威胁? 不同行业如何应对软件供应链威胁?
客服
商务合作
小程序
服务号
折叠