Open-source software risks persist, according to new reports

Posted: Thu, 06/23/2022 - 6:32pm

Open-source software (OSS) has become a mainstay of most applications, but it has also created security challenges for developers and security teams, challenges that may be overcome by the growing "shift left" movement, according to two studies released this week.

More than four out of five organizations (41%) don't have high confidence in their open-source security, researchers at Snyk, a developer security company, and The Linux Foundation reveal in their The State of Open Source Security report.

It also notes that the time to fix vulnerabilities in open-source projects has steadily increased over the last three years, more than doubling from 49 days in 2018 to 110 days in 2021.

To read this article in full, please click here