Open Source Code: Cybersecurity Friend or Foe?

ESG recently surveyed 378 cybersecurity professionals and developers across the U.S. and Canada and asked them about securing the application development process. It found that 80% of organizations report significant use of open source code. Of those organizations that say more than a quarter of their codebase is open source, 49% currently use security controls to scan the open source software for vulnerabilities. “That’s not enough — that’s the bad news,” Cahill said. “The glass half full is that 44% of those organizations plan to invest in those kinds of controls over the next 12 months.”