Chart of the Week

JAN 2025: VOLUME 1

Do you know the provenance of your open-source software?

DEC 2024: VOLUME 1

How much “Shadow Code” is in your open-source applications?

MAY 2024: VOLUME 1

Unknown Authors Contributed to Open-Source Components in Your Software!

APR 2024: VOLUME 2

Data-centric Network Access Backdoors are embedded in Open-Source Software!

APR 2024: VOLUME 1

XZ is a wakeup call – 5.3% of Open–Source components are pre-tampered!

MAR 2024: VOLUME 3

Open-source software: Ten times the innovation, ten times the risk!

MAR 2024: VOLUME 2

Where do your “critical” open-source dependencies come from?

MAR 2024: VOLUME 1

Open-source software ages badly!

FEB 2024: VOLUME 3

Poisoned Software Supply Chains

FEB 2024: VOLUME 2

A third of your Open-Source Software are not fully attestable and that should worry you – a lot!

FEB 2024: VOLUME 1

Are your Open-Source dependencies POISONED?

JAN 2024: VOLUME 2

Open Source Software Charts: OSS risk is determined more by the quality of its dependencies than by the quality of its developers!

JAN 2024: VOLUME 1

82% of Open-Source components are inherently risky

DEC 2023: VOLUME 1

A Positive Revelation with Open Source Software!

NOV 2023: VOLUME 2

90% of software components in Open-Source are transitive, invisible dependencies

NOV 2023: VOLUME 1

Every Open-Source dependency is a software supply chain by itself!

OCT 2023: VOLUME 4

Unearthing the Hidden Risks: Critical Inherent Risk Scores in Open-Source Components

OCT 2023: VOLUME 3

Packages are reused 2.7 times on average within the same Open-Source Project

OCT 2023: VOLUME 1

Vulnerabilities by Dependency Level in Open-Source Projects

OCT 2023: VOLUME 2

Fixed vs Unfixed Vulnerabilities Distribution in Open-Source Software

SEPT 2023: VOLUME 1

What’s in your open-source software?