How open source security flaws pose a threat to organizations

How do such products fare on security? Though the community-based approach toward open source means that security flaws should be identified quickly, patching those flaws and applying the patches is another matter.
In a report released Tuesday, design automation company Synopsys looked at commercial applications that use open source code to see how they dealt with security flaws.
Some 98% of the codebases in the healthcare sector contained open source, and 67% of them had security flaws.
In the retail and e-commerce sector, 92% of the codebases analyzed used open source, and 71% of them were found to have security flaws.
A full 91% of the codebases had open source dependencies with no development activity over the past two years, which means no improvements in code and no security patches.
Outdated open source components also played a role in security flaws.