Introducing SBOM360 Hub - Software Supply Chain Security for your Software Distribution Chain.
Read the Blog
Read the Press Release
Press Release
Come visit us at BlackHat 2023
BlackHat 2023

Lineaje Weekly Chart

Insights into your Software Supply Chain

Browse all posts

Our Lineaje Chart of the Week series offers a weekly insight into “What’s in your software”?. It strives to raise awareness about the risks and returns that your software supply chain brings in with it.

Dec 2023 : Volume 1

A Positive Revelation with Open Source Software!

Recent findings based on Lineaje Labs study, reveal that asignificant 89% of components in open source projects are free from vulnerabilities! This discovery challenges the misconception that open source inherently compromises software security.

Nov 2023 : Volume 2

90% of software components in Open-Source are transitive, invisible dependencies

The recent finding that 90% of software components in open-source software reside in transitive, invisible dependencies carries significant security implications for the software development community.

Nov 2023 : Volume 1

Every Open-Sourcedependency is a softwaresupply chain by itself!

Brace yourselves for a game-changing revelation! Recent research has shed light on a pivotal security insight: a staggering 68% of code in Open Source Software (OSS) packages is contributed by providers and suppliers other than the package owner!

This finding carries profound security implications, underlining the intricate web of dependencies within OSS projects. It reinforces the critical need for a robust Software Supply Chain Security Management Service. Understanding and addressing these implications is paramount.

Oct 2023 : Volume 4

Unearthing the Hidden Risks: Critical Inherent Risk Scores in Open-Source Components
Insights into your Software Supply Chain

In today's rapidly evolving tech landscape, open-source software has become the backbone of countless applications and systems. However, a recent study by Lineaje AI Labs has shed light on a concerning statistic - a staggering 40% of open-source software components have a Critical inherent risk score.

Oct 2023 : Volume 3

Packages are reused 2.7 times on average within the same Open-Source Project

Within open-source software, a fascinating trend has emerged: packages are reused an average of 2.7 times within the same open-source project. This phenomenon carries significant implications for security, software supply chain security, and maintenance practices within the open-source ecosystem.

Oct 2023 : Volume 2

Fixed vs Unfixed Vulnerabilities Distribution in Open-Source Software

Based on Lineaje AI Labs research the majority of vulnerabilities in open-source are not fixed by open source developers. Lineaje AI labs analyzed 121,443 open-source projects and discovered 118,573 vulnerabilities in them. The saving grace is that vulnerabilities are not evenly distributed across dependencies.

Oct 2023 : Volume 1

Vulnerabilities by Dependency Level in Open-Source Projects

Based on Lineaje Labs research a staggering 77% of vulnerabilities in open-source reside within transitive dependencies (which your developers cannot patch). Open Source Projects pull in 20+ levels of dependencies. Along with those dependencies come their vulnerabilities. Lineaje AI labs analyzed 121,443 open source projects and discovered 118,573 vulnerabilities in them.

Sept 2023 : Volume 1

What’s in your open-source software?

Lineaje research indicates that 8.3% of Open Source Software is of unknown origin.

  • 3% of components embedded in open source software as dependencies don’t come from where the open source developers claimed to have gotten them from. So you don’t know where they came from and neither do the developers that included them!
  • 5.3% of all components come from the PURL (Package URL) where they were included. However, the version included does not match the version published by the developing product. They have been tampered with and the tampered source code from where they were built is not available to you.
Application Security
Digital Innovator 2023
Most Innovative Software Supply Chain Security
Cybersecurity Company
Software Supply Chain Security
Industry Solutions

Integrations and Language Support

Lineaje is continuously adding support for your favorite languages and integrations to connect with tools, pipelines, and workflows.

Trusted by brands globally