Source: blog.shiftleft.io
Thoughts on the state of enterprise open sourceCategory: Business, Security, Kubernetes
Open source is bad since it’s full of security vulnerabilities, unmaintained dependencies and poor documentation,” said this security vendor as they began their opening speech before delving into their product that offered open source dependency management and risk audits. The product that was demonstrated was merely a re-skinned version of Dependency Track, an open source software that offered this capability.
So yes, this commercial provider is a leader in revenue, but in terms of usage and importance enterprise open source wins that are not reflected clearly in 2x2 matrices!
This barrier is partly psychological (people prefer to close and lock their door even in a safe neighborhood — so they assume that closed source is more secure than open source) and partly because of inherent risks posed by poor development and release management process adopted by particular open source projects.
Despite the importance of open source there are barriers and security concerns that need to be addressed by the community and enterprise open source vendors alike.
So yes, this commercial provider is a leader in revenue, but in terms of usage and importance enterprise open source wins that are not reflected clearly in 2x2 matrices!
This barrier is partly psychological (people prefer to close and lock their door even in a safe neighborhood — so they assume that closed source is more secure than open source) and partly because of inherent risks posed by poor development and release management process adopted by particular open source projects.
Despite the importance of open source there are barriers and security concerns that need to be addressed by the community and enterprise open source vendors alike.
Related Articles
Community Partners
DevOps Careers