In 2024, we conducted a survey on Software Supply Chain Security, receiving responses from over 1,000 professionals. We published the results as the 2024 State of Software Supply Chain Security Report.

The report was well received, with overwhelmingly positive feedback. Readers appreciated the benchmark insights, and the findings sparked internal discussions and deeper analysis.

Key Findings from High-Performing Teams

We spoke with teams that demonstrated the best security postures. Surprisingly, they don’t heavily invest in security—they have no dedicated security department, team, or engineers. Yet, they are highly successful in security because:

• Security is automated across many stages of the software supply chain.
• Security gates are implemented early in the process (what’s commonly known as shift-left).
• Security tools are well integrated, reducing silos and blind spots.

Beyond security, we found other unique aspects of their workflows. For example, some teams don’t hold stand-up meetings—simply because they don’t need them.

In conclusion, these teams have a stronger security posture, not because they focus more on security, but because they excel at software supply chain management, and security is simply a natural outcome of that efficiency.

Challenges Faced by Teams with the Worst Security Posture

We also spoke with teams that struggle with security. Interestingly, many of them have dedicated security teams and use multiple security tools, yet they are still ineffective and frustrated.

We found a common issue: they struggle with software supply chain management rather than security itself. Specifically, they face challenges that didn’t exist 10 years ago, such as:

• A complicated, disjointed tool chain that creates silos and blind spots.
• An overwhelming scale of applications and releases, outpacing their available engineering resources.
• Excessive team size, processes, and communication overhead, leading to inefficiencies.

Expanding the Focus for 2025: From Security to Software Supply Chain Management

Based on these insights, we decided to broaden the scope of our 2025 survey—from Software Supply Chain Security to Software Supply Chain Management.

This survey will explore the broader hurdles impacting software delivery. Security issues often arise from deeper operational challenges. Many teams understand how important it is but struggle to prioritize it over other challenges. Key factors include:

⚠ Faster releases: From monthly to now weekly or daily deployments

⚠ New tech: Docker, OSS adoption, and platform engineering have reshaped workflows

⚠ More complexity: Tools have improved efficiency but created silos, gaps, and risks

We aim to gather 1,000+ responses from DevOps professionals, developers, IT stakeholders, and emerging roles like product managers and platform engineers. By participating in this survey, you will gain insights into:

📊 How companies structure their release processes,

🚀 What top-performing teams do differently,

🔍 Key blockers preventing automation and efficiency,

These findings will directly contribute to shaping Inedo’s product development and future offerings. Our goal is to publish them in our 2025 benchmark report in April.

Your Input Matters—And Comes with a Treat!

As a token of appreciation for your valuable input, we’ll be sending out an Inedo Snack Box to the FIRST 100 survey participants. Consider it a small thank-you for helping us shape the future of the Inedo’s Solution!

<insert CTA here>