Which enterprise development practices are associated with excellent productivity outcomes? How do the top-performing companies approach compliance with security and legal requirements? Can an enterprise attain class-leading performance in both security and productivity?

We present the outcomes of the latest State of the Software Supply Chain Report, the result of a year-long research collaboration between Gene Kim (researcher and co-author of The Phoenix Project, The DevOps Handbook, Accelerate), Dr. Stephen Magill, (expert in software security and program analysis), and Sonatype (maintainers of the Maven Central Repository).

In this study, we surveyed over 500 enterprise developers and analyzed the practices that help high performers stand out. We will dive into the data and guidance that emerged from this analysis and explain the cultural and workflow practices common to high-performing organizations, which see 26x faster detection and remediation of vulnerabilities and 15x more frequent deployments than low performers, all while reporting class-leading security and quality outcomes.