AppSec Decoded: What are organizations doing to manage open source vulnerabilities?
In this AppSec Decoded interview, we look at the top takeaways from the ‘DevSecOps Practices and Open Source Management in 2020’ report.
The “DevSecOps Practices and Open Source Management in 2020” report from Synopsys explores a survey of over 1,500 IT professionals from cyber security, software development, software engineering, and web development, and highlights the top strategies organizations are using to manage open source vulnerabilities.
One of the most important data points from the survey is that on average, open source code is present in 70% of codebases. This highlights how easy it is for hackers to exploit today’s open source vulnerabilities, and it reinforces the importance of DevSecOps and open source management practices.
So what can organizations do to manage open source vulnerabilities in their codebases? One thing is clear: implementing policies to govern the use of open source and integrating application security testing tools is vital.
Check out our latest interview of AppSec Decoded with Taylor Armerding as we discuss the what you can learn from the “DevSecOps Practices and Open Source Management in 2020” report.
*** This is a Security Bloggers Network syndicated blog from Software Integrity Blog authored by Synopsys Editorial Team. Read the original post at: https://www.synopsys.com/blogs/software-security/appsec-decoded-open-source-vulnerabilities/