New Research from CAST Exposes Risk in Open Source Software.
The prevalence of open source software in enterprise applications signals the need for greater Software Intelligence to prevent exploitation by hackers.
CAST have announced new research evaluating the structural quality of open source software (OSS). The growing popularity and widespread use of OSS in enterprise applications helps developer teams work faster, yet this efficiency may come at a cost to the robustness, efficiency and security of those applications meant to support business functions. The Software Intelligence Report benchmarks the overall quality of OSS compared to software built in-house or by outsourced teams.
"It's incredibly important for organizations to have visibility into the quality of open source software that supports business applications," said Lev Lesokhin, EVP of Strategy and Analytics at CAST and co-author of the Software Intelligence Report. "As we saw with the Struts vulnerabilities that ultimately brought down Equifax, software quality issues that prevail in open source components are more easily exploitable by hackers. This report looks to identify many of these software risks that may put organizations on the defensive."
The Software Intelligence Report looks at 61 different open source projects comprised of 75,000 source files and 8.9 million lines of code. The analysis is broken down by language for C/C++ and .Net, JEE and PHP applications, and scores these applications for Transferability, Robustness, Changeability, Efficiency and Security.
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||Security News and Products|
|Publication:||Database and Network Journal|
|Date:||Apr 1, 2018|
|Previous Article:||Despite Major Vulnerability Disclosures Like WannaCry, New Research Finds that Open Source Components Fail to Receive Suitable Security Attention.|
|Next Article:||Spring Cleaning Your Devops--Why Keeping It Fresh Is Crucial to Success.|