Story: Gartner: Open source will quietly take over
Managing Undocumented Code
This article is great for underscoring the message that we've been sharing with our clients for the past four years - undocumented code, whether open source or proprietary, needs to be managed in order to properly secure mission critical applications.
The explosive growth in open source use over the past three years alone should be primary cause for organizations to put OSS app sec at the top of their priority lists. While it's true that open source code reviews started as a means to manage license issues and keep companies out of court, we took that technology one step further to manage open source vulnerability detection, to provide companies with the ability to manage both license and security concerns BEFORE product release. We are constantly amazed at how many organizations have large amounts of undocumented (and insecure) open source in their code bases.
As the world moves toward more use of open source it's important to remember that those who are skilled in exploiting vulnerabilities know where they are and won't hesitate to use them. Companies should identify these risks before someone else does.
--Melisa LaBancz-Bleasdale, Palamida
mbleasdale
Department Head / Director, San Francisco, CA
Member since: February 2008




