- Majority Of Organizations Still Unprepared To Respond To Cybersecurity Incidents: Study
- Zero Trust: Rethinking Security In The Age Of Remote Hiring
- Majority Of Today’s Project Management Tasks To Be Eliminated By 2030 With AI’s Impact: Gartner
- Druva Introduces Enhancements To Its Disaster Recovery-As-A-Service (DRaaS) Offering For Enterprise Workloads
- Application Organizational Structure: How To Evaluate And Optimize Your Setup
Though open source software (OSS) helps software suppliers be nimble and
build products faster - report reveals hidden software supply chain risks
all software suppliers and IoT manufacturers should know about.
Key insights in the Flexera Open Source Risk – Fact or Fiction?
-
- No OSS Policy is Bad Policy: Only 37 percent of respondents have an open source acquisition or usage policy.
-
- 63 percent say either their companies don’t have an open source acquisition or usage policy, or they don’t know if one exists.
-
- No One’s in Charge of OSS: 39 percent of respondents said that either no one within their company is responsible for open source compliance – or that they don’t know who is.
-
- OSS Contributors Aren’t Following Best Practices: 33 percent or respondents say their companies contribute to open source projects.
- Of the 63 percent who say their companies don’t have an open source acquisition or usage policy, 43 percent said they contribute to open source projects.
“The only thing worse than being hacked due to a vulnerability you wrote, is being hacked due to a vulnerability YOU didn’t write. Managing your dependencies is your first line of defense against other people’s defects especially in the interconnected open source development world we live in.”
Nisheeth Bhakuni
