
The Clear And Open Advantages And Threats Faced By Open-Source Software

By Parth Subedhar

TD NewsDesk

Updated on Thu, Mar 2, 2023

Over the last few years, global productivity and innovation have received a major boost thanks to open-source software. Open source means code is shared freely so that developers can use, modify and redistribute software as a new bundle or fix bugs in existing software. It also lets companies personalize software or edit it for added features or functions and better performance. It is believed that OSS (open-source software) has contributed immensely to the growth of the $475 billion global software industry.

According to the State of Open-Source Report, an annual report prepared by Perforce Software and the Open-Source Initiative (OSI), usage of open-source software increased in 80% of organizations for business-critical applications including DevOps, SDLC and data and database management.

The report, which lists usage, adoption and challenges based on surveys of global organizations of a range of sizes from 20+ global industries, views open-source software in a positive light. In the survey, 35% have security and compliance policies, 28% have legal teams well-versed in open-source licensing and more than 25% in most industries prepare an SBOM (Software Bill of Materials), which enhances transparency and security.

However, open-source software comes with a series of challenges, especially for data security. According to a report by Synopsys, even though 96% of software programs consist of open-source components in some form, 84% of codebases possess at least one threat point. These are shared amongst third-party applications and services present on-premises and in the cloud.

One of the main threats faced by open-source software is supply chain attacks. This is where a cybercriminal targets the maintainer of an open-source project and embeds their own malicious code into the program, which flows down to others downloading the software.

According to Dale Gardner (Senior Director, Analyst – Gartner), “From a supply chain perspective, it’s increasingly common to see malicious code introduced into open source — and that can be accomplished by compromising a legitimate project, or via a malicious project meant to confuse users into downloading counterfeit code that resembles a common project.”

Additionally, he believes that organizations need to assess the risks associated with each project.
Speaking about it, he said, “For example, does the project have a good track record for responding to problems, are the appropriate security controls in place, is the code up to date, and so on. And from a supply chain perspective, it’s not just open source with which we should be concerned — we’ve seen a number of cases where commercial code has been compromised.”

Another major concern is that third parties can make changes that create vulnerabilities.

Despite the threats faced, the open-source software market is on the rise, while experts and organizations look to identify security threats and reduce their downstream effects.

What do you think of the use of open-source software and what additional measures do you think should be taken to ensure further security? Let us know in the comments below!

First published on Thu, Mar 2, 2023
