How open source security flaws pose a threat to organizations
How do open source products fare on security? The community-based approach to open source means that security flaws should be identified quickly, but patching those flaws and applying the patches is another matter.
In a report released Tuesday, design automation company Synopsys looked at commercial applications that use open source code to see how they dealt with security flaws.
Some 98% of the codebases in the healthcare sector contained open source, and 67% of them had security flaws.
In the retail and e-commerce sector, 92% of the codebases analyzed used open source, and 71% of them were found to have security flaws.
A full 91% of the codebases had open source dependencies with no development activity over the past two years, which means no improvements in code and no security patches.
Outdated open source components also played a role in security flaws.