Open-source vulnerabilities plague enterprise codebase systems

A new report into the state of enterprise security suggests that the majority of codebases in use contain known vulnerabilities due to the use of open-source components. Synopsys has released the Black Duck by Synopsys 2018 Open Source Security and Risk Analysis (OSSRA) report, which found that open-source adoption is on the rise in the enterprise — but security controls have not necessarily matched the pace.

The adoption of open-source projects, software, and libraries has become a common theme in the enterprise. Open-source systems can save a vast amount of time and money for developers and businesses alike. However, because open-source developers are giving away their time for free, bugs may sometimes escape the net and cause chaos further down the line unless users and staff are aware of where these components are in use and maintain regular security checks.

Read more about the findings of the new report by Synopsys on ZDNet.




