Cloud Computing: The State of Open Source Security in Commercial Applications

Grazed from CCI. Author: Editorial Staff.

Among other solutions to help customers manage and secure the open source software in their applications and containers, Black Duck conducts audits of customers’ software for companies on either the “buy” or “sell” side in mergers or acquisitions. Typically, our audits are of commercial software that has been in the market for a number of years. During a six-month period from late 2015 through early 2016, Black Duck conducted a study of over 200 applications reviewed by our On-Demand team. Here are the highlights from the study…

You’re using open source more than you think

For all intents and purposes, everyone is using open source. Black Duck finds open source code in over 95% of the applications we analyze for clients. In our study, we found open source code comprised over 35% of the average commercial application we reviewed. If we were looking at code developed for internal use, the percentage was much higher… as high as 75%...

It’s easy to understand the use of open source code, as it adds needed functionality while lowering development costs and accelerating time to market. A developer has a need for specific functionality, and pulls in an open source component that meets his or her requirements...

Read more from the source @ http://www.cloudcomputingintelligence.com/news/item/2970-the-state-of-open-source-security-in-commercial-applications