Open Source Burnout: An Opening to More Security Gaps?
"It’s important for the industry to understand that open source development burnout is real and can have a significant impact upon those who depend on the projects they maintain. Incentivize and recognize efforts. Don’t just take, but give back to the community."
Whether a software architect makes the decision as part of an app’s planning phase, or a developer simply drags it in while trying to complete a task, the accessibility and availability of open source make it easy to download a component and build it into an application without thinking any further about where it comes from.
But why even care about where it comes from?
Any organization that pays the smallest attention to open source management has methods and tools in place to identify and mitigate the risks that come along with it – risks relating to security vulnerabilities, license obligations, and operational concerns. So, if dev teams can keep at bay the risks related to not knowing where the open source software comes from, why does it matter to know more than that?
The link for this article located at SC Media is no longer available.