Cloud-Native Apps Make Software Supply Chain Security More Important Than Ever. Cloud-native deployments tend to be small, interchangeable, but their software supply chains require closer attention. An estimated 99% of codebases contain open source components, and up to 70% of enterprise code is now based on open source. Vulnerabilities in leading open source software more than doubled between 2018 and 2019, report says. Attackers have turned to poisoning open source projects with outright malware, intended to be incorporated into the software supply chain.”]