The world got another reminder at the turn of 2022 about the ubiquity of open source software when the Log4Shell vulnerabilities (https://armerding.medium.com/get-your-vaccine-for-the-log4shell-software-pandemic-ae445b771be8) in the open source Apache logging library Log4j (https://www.synopsys.com/blogs/software-security/mitigating-impact-of-log4j-log4shell/?cmp=pr-sig&utm_medium=referral) were made public. Michael White, technical director and principal architect with the Synopsys Software Integrity Group, wrote in a Synopsys blog post (https://www.synopsys.com/blogs/software-security/mitigating-impact-of-log4j-log4shell/?cmp=pr-sig&utm_medium=referral) that these vulnerabilities were “trivial to execute.”

“Identifying, tracking, and managing open source is critical for effective software security.”

The OSSRA report notes that Log4Shell also prompted organizations to revisit the challenges inherent in open source components and in how those components are managed.

Developers can be so dazzled by what an open source component can do that they skip the security reviews they would require of commercial or proprietary software.
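As an added example of the "identifying and tracking" step the report calls for (this is not code from the article, the OSSRA report, or Synopsys): a small Python check that reads a CycloneDX-style SBOM and flags every log4j-core component older than 2.17.1, the release that closed the last CVE in the Log4Shell series. The SBOM contents and the `group`/`name`/`version` field layout are constructed for the example; the affected range (log4j-core 2.0-beta9 through 2.14.1 for CVE-2021-44228, with follow-up fixes through 2.17.1) is the published one.

```python
"""Flag Log4j 2 components in a CycloneDX-style SBOM that fall in the
Log4Shell-affected range.

Added example, not code from the article or from Synopsys. Assumption: the
SBOM is CycloneDX JSON whose "components" entries carry "group", "name" and
"version", as in the constructed sample below."""
import json
import re

# Constructed sample SBOM: several log4j artefacts plus an unrelated dependency.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "components": [
        {"type": "library", "group": "org.apache.logging.log4j", "name": "log4j-core", "version": "2.14.1"},
        {"type": "library", "group": "org.apache.logging.log4j", "name": "log4j-api", "version": "2.14.1"},
        {"type": "library", "group": "org.apache.logging.log4j", "name": "log4j-core", "version": "2.17.1"},
        {"type": "library", "group": "org.apache.logging.log4j", "name": "log4j-core", "version": "2.0-beta9"},
        {"type": "library", "group": "com.fasterxml.jackson.core", "name": "jackson-databind", "version": "2.13.1"},
    ],
})


def parse_version(v):
    """Turn '2.0-beta9' into a comparable tuple.

    Numeric parts come first; the last element is 0 for a pre-release tag and
    1 for a final release, so 2.0-beta9 sorts before 2.0. Plain string
    comparison would get '2.9.1' > '2.17.1' wrong, hence the tuple."""
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?(-.+)?$", v)
    if not m:
        raise ValueError(f"unrecognised version: {v}")
    major, minor, patch, pre = m.groups()
    return (int(major), int(minor), int(patch or 0), 0 if pre else 1)


# CVE-2021-44228 affected log4j-core 2.0-beta9 through 2.14.1; the last fix in
# the series (CVE-2021-44832) shipped in 2.17.1, so anything older is flagged.
FIRST_FIXED = parse_version("2.17.1")


def is_vulnerable_log4j(component):
    """True only for log4j-core (the artefact that ships the JNDI lookup)
    older than 2.17.1. log4j-api and Log4j 1.x (group/artifact log4j:log4j)
    are excluded by the group/name filter."""
    if component.get("group") != "org.apache.logging.log4j":
        return False
    if component.get("name") != "log4j-core":
        return False
    return parse_version(component["version"]) < FIRST_FIXED


def find_vulnerable(sbom_json):
    """Return 'group:name:version' for every flagged component in the SBOM."""
    bom = json.loads(sbom_json)
    return [
        f"{c['group']}:{c['name']}:{c['version']}"
        for c in bom.get("components", [])
        if is_vulnerable_log4j(c)
    ]


if __name__ == "__main__":
    for hit in find_vulnerable(SAMPLE_SBOM):
        print("affected:", hit)
```

Run it against a real SBOM by replacing `SAMPLE_SBOM` with the file contents; the point of the version tuple is that a lexical comparison would pass `2.9.1` as newer than `2.17.1`, which is exactly the kind of inventory mistake that leaves an affected artefact in production.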
