TAKING A PROACTIVE APPROACH TO SAFEGUARD THE DEVELOPMENT ECOSYSTEM
Savvy cyberattackers have turned their attention to the open source software supply chain as developers strive to innovate faster than ever, resulting in vulnerabilities. Shabir Bhat, Regional Sales Director, Middle East, Checkmarx, tells us why organisations must consider taking a proactive approach to defending against these attacks to ensure business as usual.
How and why have attackers shifted their focus to the open source software supply chain?
It’s the path of least resistance. Developers have more and more pressure pushed upon them to innovate faster, and leveraging open source software helps them achieve this goal because it allows them to use code that’s already been written, saving them time. When developers pull open source into their organisation without due diligence, they are essentially inviting a stranger’s code into their organisation.
Companies need to provide their developers with proactive solutions to safeguard their development ecosystem .
Moreover, very popular projects also provide tempting targets. For example, a package that was downloaded around eight million times every week was compromised by an account takeover attack which injected a malicious version of the package into the supply chain. You can imagine how much damage can be done very quickly.
Why is open source a viable target?
A significant portion of all code contains open source software, which exposes organisations to
www.intelligentcio.com INTELLIGENTCIO MIDDLE EAST 75