
Is open source software bad for business?


One security outfit which conducted a study into the use of open source software in the enterprise, the results of which are published today, seems to think so. It states that "Open Source Software (OSS) development communities have yet to adopt a secure development process and often leave dangerous vulnerabilities unaddressed."

New data from Fortify Software suggests that the rising adoption of open source software within the enterprise is putting the average business at far greater risk than it should be.

The Open Source Security Study has just been published and reveals that some of the most widely used open source software packages in the business environment are leaving users exposed to a "significant and unnecessary business risk."

As well as insisting that OSS development communities do not adopt a secure development process that follows software security best practice, and therefore often leave potentially dangerous vulnerabilities unaddressed, Fortify goes on to charge that "nearly all" such OSS communities are also failing to provide users with access to the kind of security expertise that could help remedy the vulnerabilities and risks that remain.

The survey, which was undertaken by application security consultant Larry Suto, looked at a total of just 11 of the most common Java open source packages.
