The double-edged sword of open-source software
Help Net Security www.helpnetsecurity.com
The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming organizations, according to Lineaje.

Diversity and complexity of the open-source community

Lineaje Data Labs analyzed 41,989 open-source components embedded in the top 44 popular projects of the Apache Software Foundation across its last three versions. The analysis revealed that 68% of dependencies are on non-Apache Software Foundation open-source projects. These dependencies …