Controlling Software Supply Chain Risk with LeanIX

This document is a guide on controlling software supply chain risk using LeanIX Value Stream Management (VSM). It outlines the challenges associated with open-source software libraries and the fragility of software supply chains. The guide describes how LeanIX VSM provides engineering leaders with the ability to contextualize open-source software risks, enabling them to prioritize remediation efforts effectively. Key capabilities include auto-discovery of services, cataloging of services and their dependencies, and the ability to investigate open-source risks within an application portfolio. The guide emphasizes the importance of transparency across all open-source libraries and the context in which they are used. It also details how LeanIX VSM facilitates faster responses to vulnerabilities, enhances collaboration among teams, and supports data-driven decision-making for IT leaders. Overall, the guide presents LeanIX VSM as a comprehensive solution for managing software supply chain risks efficiently.