Open Source Software Libraries Get Renewed Scrutiny
Published: April 30, 2013 08:00
As companies increasingly create applications and internal tools on top of open-source building blocks, vulnerabilities in those common components are becoming a serious threat.
Yet, the lion's share of companies continue to ignore the problem, according to a report released this week. While nearly 80 percent of companies rely on open-source components for their development efforts, more than three-quarters lack any meaningful controls over the usage of such libraries and frameworks, according to the annual Open Source Software Development Survey conducted by Sonatype, a manager of a large repository of open-source components. While many companies have started to develop their own applications with security in mind, they have typically treated online components with less rigor, says Wayne Jackson, the firm's CEO.
Continue reading on DarkReading.com