Open Source Code: Cybersecurity Friend or Foe?
ESG recently surveyed 378 cybersecurity professionals and developers across the U.S. and Canada and asked them about #open source and securing the application development process. It found that 80% of organizations report significant use of open source code. And of those organization that say more than a quarter of their codebase is open source, 49% currently use security controls to scan the open source software for vulnerabilities. “That’s not enough — that’s the bad news,” Cahill said. “The glass half full is that 44% of those organizations plan to invest in those kind of controls over the next 12 months.”