1 year ago

— How safe is the https://thenewstack.io/category/cloud-native/ software that virtually every organization uses? You might not want to know, https://openssf.org/blog/2022/06/21/state-of-open-source-security-2022-from-snyk-and-the-linux-foundation/ released by https://training.linuxfoundation.org/training/course-catalog/?utm_content=inline-mention and Snyk, a cloud native cybersecurity company, at the foundation’s annual https://events.linuxfoundation.org/open-source-summit-north-america/, held here in June. Forty-one percent of the more than 500 organizations surveyed don’t have high confidence in the security of the open source software they use, according to the research.

The research was conducted at the request of the https://thenewstack.io/inside-a-150-million-plan-for-open-source-software-security/, a project of The Linux Foundation.

Many organizations still seem confused about which of the dependencies the open source software they use has are direct and which are transitive (dependent on the dependencies), said Hendrick.