Half of Companies Don’t Have a Security Policy for Open Source Software

You don’t need to touch or use open source software directly for it to be a concern to your organization. Your proprietary applications are using open source software. As much as 90 percent of their code is open source.

Open source software is just like any software: it can have vulnerabilities that need to be patched. But what makes open source unique and problematic is its ubiquity. If a universal open source tool has a critical vulnerability, it can have a ripple effect across many applications, as Log4j did.

In addition, realizing that open source programs are so widely used, malicious attackers will often taint open source software and let its common use take care of the distribution.

In this video, Mic McCully, field strategist, Snyk, and I discuss these issues and more with regard to open source software. It’s all just a preview for our event happening this Friday, August 5th, 2022, for Super Cyber Friday. Our topic of discussion will be “Hacking Open Source Security: An hour of critical thinking of how to better secure non-proprietary software and environments.”

Joining me and Mic for this discussion will be Steve Hendrick, VP of research, Linux Foundation.

HUGE thanks to our sponsor Snyk