There’s no doubt that open source software (OSS) is here to stay, but that doesn’t mean developers can feel free to use any and all open source software components with no thought to the vulnerabilities and security issues they may introduce into development projects. The fact is, there’s no such thing as bulletproof, bug-free, automatically license-compliant, and easily auditable software. Not in the open source world and not in the commercial off-the-shelf (COTS) world. So, it’s incumbent on developers, project team leaders, IT managers, CIOs and CTOs to ensure that there are sound strategies and tactics in place that make it easy to acquire, distribute, use, monitor, analyze, and keep track of open source software, reducing the risk of vulnerable and buggy software and applications to an absolute minimum.
Reduce Your Open Source Security Risk: Strategies, Tactics, and Tools
The following is external content provided as a free resource for blog readers.