• Open source security is rapidly becoming a major concern

    From TechnologyDaily@1337:1/100 to All on Thu Jun 23 21:15:04 2022
    Open source security is rapidly becoming a major concern

    Date:
    Thu, 23 Jun 2022 20:02:38 +0000

    Description:
    The time it takes to fix an issue is growing, together with dependencies on open source code.

    FULL STORY ======================================================================

    The widespread use of open source software (OSS) within modern application development poses a significant security risk, new research suggests.

    According to a new report from cybersecurity company Snyk, together with the Linux Foundation, today's organizations are underprepared to tackle these risks.

    Based on a survey of more than 550 respondents, as well as data pulled from 1.3 billion open source projects via Snyk Open Source, the report states that two in five (41%) firms are not confident in the security of their open source code.

    Vulnerabilities in open source code

    The average application development project, it was found, has 49 vulnerabilities, as well as 80 direct dependencies. Usually, it now takes 110 days to remedy a vulnerability in an open source project, up from 49 days four years ago.

    "Software developers today have their own supply chains - instead of assembling car parts, they are assembling code by patching together existing open source components with their unique code. While this leads to increased productivity and innovation, it has also created significant security concerns," said Matt Jarvis, Director, Developer Relations, Snyk.

    Jarvis added that there's a certain naivete to the industry's approach to open-source software, which could open the door to all manner of malware, ransomware and other attacks.

    For example, less than half (49%) have a security policy for OSS development or usage, dropping down to 27% among medium and large-size companies. Furthermore, less than a third (30%) of organizations without an open-source security policy are aware of the fact that at the moment, no one is addressing the security of open source software.

    But some respondents are aware of the security challenges posed by open source software in the supply chain. A quarter said they were concerned about the security impact of their dependencies on OSS, and only 18% said they were confident in the controls they've set up for their transitive dependencies, where 40% of all vulnerabilities were found.



    ======================================================================
    Link to news story: https://www.techradar.com/news/open-source-security-is-rapidly-becoming-a-major-concern/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)