Chart of the Week

APR 2024: VOLUME 1

XZ is a wake-up call – 5.3% of Open-Source components are pre-tampered!

Modern enterprise applications can easily have 5000 unique open-source software components. That is no longer news.

Lineaje AI Labs Research found that 5.3% of open-source components do not come from the source code they claim to come from. They are pre-tampered, just as XZ was pre-tampered and passed through various Linux vendors. That means, statistically, about 250 components are pre-tampered in your applications. Lineaje’s supply chain integrity attestation technology detects these tampers automatically – we routinely discover which 250 components in your application are pre-tampered! Not only that, we also detected the XZ compromise. Read more here.

Talk to us. Just fill in this form to schedule a demo!