The most popular and comprehensive Open Source ECM platform
Open Source software has become ubiquitous. A study by Synopsys found that 99 percent of the 1250 commercial products investigated contained at least one open source component. In fact, the average application has 445 open-source components.
But the Synopsys report also found that 91 percent of those open source components were out of date by more than four years, and many of the open source projects were abandoned with more than two years of no activity. That could lead to security and stability problems.
Tim Mackey, principal security strategist of the Synopsys Cybersecurity Research Center, said that “it’s difficult to dismiss the vital role that open source plays in modern software development and deployment, but it’s easy to overlook how it impacts your application risk posture from a security and license compliance perspective.”
Mackey said that “the problem is that there is often a disconnect. The developers are making decisions of what to bring in, and somewhere, someone may have wrote down a policy for what open-source components can be used, but it is so cumbersome and it is a speed bump to innovation – that people are working around it.”
As Frank Nagle, professor at Harvard Business School, said that “understanding which components are most widely used and most vulnerable will allow us to help ensure the continued health of the ecosystem and the digital economy.”