International. The Open Source Security and Risk Analysis (OSSRA) report indicates that most organizations are still working to identify and manage open source risk in their application portfolios.

The report says that "although the number of vulnerabilities in open source is small compared to proprietary software, in 2018 alone more than 7,000 vulnerabilities were discovered in open source, and more than 50,000 have emerged in the last two decades."

The report highlights the persistent challenges organizations face in managing open source risk, which include:

  • An increase in the average number of open source components detected in each code base, with an average of more than 298 open source components. Those who use open source often overlook the associated security and licensing risks.
  • Another record year for the number of open source vulnerabilities revealed in the NVD. Sixty percent of code bases contained at least one open source vulnerability and 68 percent contained components with license conflicts, according to the report.
  • An increase in the average age of open source vulnerabilities detected, with more than 40 percent of the code bases containing a vulnerability that was revealed more than a decade ago.
  • More than 40 percent of code bases contain a high-risk vulnerability.

Despite these challenges, the OSSRA data suggests that, in the wake of Equifax's breach, greater awareness of open source risk and the maturation of commercial software composition analysis solutions have led to progress, which includes:

- The percentage of code bases containing vulnerable components has decreased.
- The percentage of code bases containing license conflicts has decreased.

Author: Duván Chaverra
