Survey Finds Speed Trumps Security In Use of Open Source
Posted on: May 6, 2013 by admin
Veracode has been beating the drum about the inherent danger of “third party” code in application development. Whether that code is “shrink wrapped” and supplied by a third-party firm or open source, our research has shown that it often comes chock-full of security holes – some of them exploitable.
Now a report by the firm Sonatype reinforces that message. Sonatype’s survey of 3,500 developers (PDF format report here) found that use of open source software is exploding in the application development community. Alas, much of it is unchecked, with few if any controls over what components are being used, or how.