Discover Security Trends News
Stale Open Source Code Rampant in Commercial Software: Report
A new report shows that stale open-source code is rampant in commercial software, and organizations in all industries are struggling to manage open source risk. "In 2020 the percentage of codebases containing high-risk vulnerabilities jumped from 49 to 60 percent. What was more disturbing is that several of the top 10 open source vulnerabilities found in 2019 codebases reappeared in the 2020 audits, all with significant percentage increases."
Organizations, regardless of industry, must do a better job maintaining open source components given their critical nature in software, according to this year’s risk analysis report by cybersecurity firm Synopsys.
Open source software is now the foundation for the vast majority of applications across all industries. But many of those industries are struggling to manage open source risk.
Synopsys released the 2021 Open Source Security and Risk Analysis (OSSRA) report on April 13. The report examines open source audit results, including usage trends and best practices across commercial applications.