The 2020 OSSRA report shows that 91% of commercial applications contain outdated or abandoned open source components. The report, produced by the Synopsys Cybersecurity Research Center (CyRC), examines the results of more than 1,250 audits of commercial codebases, performed by the Black Duck Audit Services team. The most concerning trend in this year’s analysis is the mounting security risk posed by unmanaged open source, with 75% of audited codebases containing open source components with known security vulnerabilities, up from 60% the previous year. Similarly, nearly half (49%) of the codebases contained high-risk vulnerabilities, compared to 40% just 12 months prior.
To learn more about Synopsys, visit: https://securityweekly.com/synopsysVisit https://www.securityweekly.com/asw for all the latest episodes!
Full Episode Show Notes
|[caption id="attachment_210" align="alignleft" width="120"] John Kinsella - Vice President of Container Security[/caption]||[caption id="attachment_210" align="alignleft" width="120"] Matt Alderman - CEO[/caption]||[caption id="attachment_210" align="alignleft" width="120"] Mike Shema - Product Security Lead[/caption]|
|[caption id="attachment_210" align="alignleft" width="120"] Tim Mackey - Principal Security Strategist [/caption]|