Target audience: Tech Buyer - Publication date: Feb 2023 - Document type: IDC Innovators - Document number: US50138923
IDC Innovators: Open Source Software Supply Chain Security, 2023
IDC Innovators are emerging vendors with revenue <$100 million that have demonstrated either a groundbreaking business model or an innovative new technology — or both. This IDC Innovators study profiles three start-ups — Chainguard, Codenotary, and Endor Labs — that offer enhanced capabilities for open source software supply chain management that extend beyond static software bills of materials. Open source software may be free to acquire, but in many respects, it's like a free puppy, where the long-term maintenance and support obligations are far greater in hard cost and time cost than the money saved at the time of acquisition. Never has that parable been truer than today, with the growing concerns over security of the software supply chain associated with open source software.
"The time has come for organizations to get serious about securing the supply chain of open source software components, tools, or applications they may be using from public repositories," said Al Gillen, group vice president, Software Development and Open Source, IDC. "The vendors and products highlighted in this IDC Innovators document are showing truly interesting and compelling ways to address these security concerns using a modern approach made possible through the tools and services that are now readily available."