A new study outlined today at the DevOps Connect event at RSA Conference in San Francisco shows that the threat, or at least the awareness of the threat is on the rise. 31% of participants suspect or have verified a breach related to open source components in the last 12 months. The Sonatype study showed that 62% of organizations today still do not have meaningful controls over what components are in their applications. Among mature DevOps shops, 77% report having open source governance policies in place.”]