54% of organizations using at least four compliance controls remediate critical vulnerabilities within a day.
Black Duck Navigating Software Supply Chain Risk in a Rapid-Release World · Dec 17, 2025
76% of organizations check AI code for security risks.
Black Duck Navigating Software Supply Chain Risk in a Rapid-Release World · Dec 17, 2025
Organizations that effectively track and manage open source dependencies are 85% more prepared to secure open source software compared to the overall average of 57%.
Black Duck Navigating Software Supply Chain Risk in a Rapid-Release World · Dec 17, 2025
63% of respondents that prioritize SBOM validation say they're highly prepared to evaluate third-party software.
Black Duck Navigating Software Supply Chain Risk in a Rapid-Release World · Dec 17, 2025
60% of organizations that perform automatic continuous monitoring report remediating critical software vulnerabilities within a day.
Black Duck Navigating Software Supply Chain Risk in a Rapid-Release World · Dec 17, 2025
Only 24% of organizations have adopted comprehensive strategies to secure AI-generated code.
Black Duck Navigating Software Supply Chain Risk in a Rapid-Release World · Dec 17, 2025
35% of respondents cite interpreting and operationalizing complex regulatory requirements as their biggest challenge.
Black Duck Navigating Software Supply Chain Risk in a Rapid-Release World · Dec 17, 2025
Only 45% of the full respondent pool say they remediate critical software vulnerabilities within a day.
Black Duck Navigating Software Supply Chain Risk in a Rapid-Release World · Dec 17, 2025
59% of respondents that prioritize SBOM validation typically respond to critical software vulnerabilities within one day.
Black Duck Navigating Software Supply Chain Risk in a Rapid-Release World · Dec 17, 2025
95% of surveyed organizations reported using AI tools in software development.
Black Duck Navigating Software Supply Chain Risk in a Rapid-Release World · Dec 17, 2025
49% of organizations using at least three compliance controls remediate critical vulnerabilities within a day.
Black Duck Navigating Software Supply Chain Risk in a Rapid-Release World · Dec 17, 2025