Myths and Misconceptions on Securing Open-source Software

Published: August 12, 2013 10:52


Agile security expert Ryan Berg addresses the common myths and misconceptions of securing open-source software and offers practical tips on how to build in security throughout the software development lifecycle – from design, development and deployment through to production.

Here we are, more than 20 years after the introduction of Linux, and security around open source is still misunderstood. Misconceptions still prevail from the days when open source was considered a hobbyist’s pursuit; let’s dispel some of them by looking at common myths on security related to open source and realities around risk mitigation.

The truth of the matter is that most modern software applications can’t avoid using open-source software – it is simply not possible in agile environments where applications are assembled from existing frameworks, libraries and components.

Continue reading on Infosecurity Magazine