Failure to manage the security risks of open source components could lead to more incidences like the recent Equifax data breach. According to the results of a report published by Flexera this week more than half of current software products use open source components but less than 37 percent of those companies have any kind of open source usage policy. Hackers stole data from Equifax by exploiting an Apache Struts CVE-2017-5638 vulnerability, a commonly used open source component. Based on the results of their survey, Flexera warns there could be a lot more of these types of breaches in the months and years to come. Open source components are a vital part of software development that allows for innovation and rapid product release but it is crucial that companies using and participating in the open source market implement policies and processes to manage the inherent security risks that come with it.
More information available at:
Get the the actual report here: FlexeraSoftware.com