Open Source Is Just the Tip of the Iceberg in Software Supply Chain Security

As more of the software stack consists of third-party code, it’s time for a more-advanced open source vetting system.

You can read the full article here.