Why software teams have to change their focus from vulnerabilities to malware

Nearly 90% of firms have reported detecting a security issue in their software supply chain in the past year. This may be due to a lack of understanding of what security in this area entails and how to defend against attacks. Traditional application security tools, while effective at detecting vulnerabilities in code, struggle to identify malware or deliberate tampering as they lack a reputational database with a library of identified malware. A shift in focus is needed, from vulnerabilities to malware, with a holistic approach to application security and modernised toolsets to effectively manage risks.