CHICAGO–(BUSINESS WIRE)–Thoughtworks (NASDAQ: TWKS), a global technology consulting firm that integrates strategy, design and engineering to drive digital innovation, today released Volume 26 of Technology Radar, a semi-annual report informed by insights, conversations, and Thoughtworks’ front-line experience solving our customers’ toughest challenges. While the concept of securing the software supply chain has been around for a few years, one of the main themes of the report is that there are now practical steps for companies on the road to highly secure software in production and beyond.
In May 2021, the United States White House issued its Executive Order on Improving the Nation’s Cybersecurity. One section deals with improving software supply chain security. Realizing that it is no longer enough to write only secure code, companies are now expanding their understanding of security risks throughout the software supply chain and investing in more responsible engineering practices, including validation and governance of project dependencies. Checklists and standards such as Supply chain Levels for Software Artifacts (SLSA) are new entries in this edition of Radar, demonstrating that there are now pragmatic tools that can help solve this problem beyond theory.
“A confluence of events – whether public proceedings of serious brand-impacting violations or government mandates – has heightened the importance companies place on understanding the complexity and scope of the ecosystem involved in the software supply chain,” said Dr. Rebecca Parsons, Chief Technology Officer at Thoughtworks. “While many organizations focus on systems in production, it’s equally critical to place the same level of rigorous control over test, sandbox, and cloud environments. While a daunting proposition, there are now concrete tools and engineering practices to help companies manage and automate supply chain security as they strive to keep their systems highly secure.”
Highlighted themes in Technology Radar Vol. 26 include:
- Software Supply Chain Innovations: Hackers are increasingly taking advantage of the asymmetric nature of attack and defense in the security realm – they only need to find a single vulnerability, while defenders need to secure the entire attack surface – while employing increasingly sophisticated hacking techniques. Improving supply chain security is a critical part of the response as companies strive to keep systems secure.
- The Bizarre Bazaar: The Evolution of the Open Source Software Economy: Open source software improves developer agility and crowdsources both bug fixes and innovation. The many different approaches to open source software release and support demonstrate the immense economic complexity of today’s ecosystem.
- Why do developers keep implementing state management in React?: Typically, after a basic framework becomes popular, it is followed by a series of tools creating an ecosystem of enhancements and improvements and ends with a consolidation around a few popular tools. However, React state management seems resistant to this common trend.
- The Endless Quest for the Master Data Catalog: The desire to extract more value from enterprise data assets continues to drive investment. A resurgence of interest in enterprise data catalogs is driving a wave of smart new tools with expanding feature sets that address governance, quality management, and publishing. Contrary to this trend, there is also a growing movement away from centralized, top-down data management towards federated governance and discovery based on a data mesh architecture.
Visit www.thoughtworks.com/radar to explore the interactive version of Radar or download the PDF version.
– ### –
About Thoughtworks
Thoughtworks is a global technology consultancy that integrates strategy, design and engineering to drive digital innovation. We have over 10,000 people in 49 offices in 17 countries. Over the past 25+ years, we’ve had an extraordinary impact with our clients, helping them solve complex business problems with technology as a differentiator.