Supply Chain Visibility & Risk Study Edition 2: Containers; Q4 2024
NetRise's analysis of 70 Docker Hub images reveals an average of 604 vulnerabilities per container, alongside critical non-CVE risks. Discover the importance of visibility in mitigating supply chain threats.
Containers: The Fastest Growing — and Weakest — Link in Software Supply Chains.
Today's interconnected world increasingly relies on containerized applications, but these containers are introducing risks that far exceed common understanding.
Our research reveals:
- An average of 604 vulnerabilities per container, with over 40% ranked as Critical or High CVSS severity.
- 12.4% of components are manifestless, making traditional scanning tools insufficient.
- Significant non-CVE risks, including misconfigurations and overly permissive identity controls.
This report underscores the critical need for visibility into containerized software and emphasizes the role of SBOMs in managing software supply chain risks.