How open source security flaws pose a threat to organizations (April 2021)
How do such products fare on security? Though the community-based approach toward open source means that security flaws should be identified quickly, patching those flaws and applying the patches is another matter.
In a report released Tuesday, design automation company Synopsys looked at commercial applications that use open source code to see how they dealt with security flaws.
Some 98% of the codebases in the healthcare sector contained open source, and 67% of them had security flaws.
In the retail and e-commerce sector, 92% of the codebases analyzed used open source, with 71% found to contain security flaws.
A full 91% of the codebases had open source dependencies with no development activity over the past two years, which means no improvements in code and no security patches.
Outdated open source components also played a role in security flaws.