Control and Security of Corporate Open-Source Projects Proves Difficult
Published: April 30, 2013 08:00
Network World - Open source has become a staple for software development in the enterprise, but keeping track of it and maintaining security for it remains an elusive goal, according to a survey of more than 3,500 data architects and developers published today by Sonatype, which provides component lifecycle management products and also operates the Central Repository for downloading open-source software.
In spite what is clearly considerable open-source usage -- for example 80% of a typical Java application is now assembled from open-source components and frameworks -- 57% said their companies "lack any policy governing open-source usage" and 76% indicated lack of meaningful controls related to software typically obtained at no cost though licensed.
Continue reading on Network World