While many businesses rely heavily on open source software (OSS) to accelerate their digital efforts, a new study from VMware Tanzu suggests that IT managers are also aware of the associated risks.
The report states that 95% of organizations use open source software in production, with large companies (over 1,000 employees) the most likely to use community open source.
They see several benefits to OSS in production, including lower costs, greater flexibility, a large community for support, and improved developer productivity.
They are also concerned about the many cybersecurity dangers associated with open source software.
Using open source software means relying on the community to fix bugs and flaws. The majority of respondents (63%) agree that there is no guarantee that vulnerabilities will be patched, while 54% believe that it is difficult to stay up to date on vulnerabilities in OSS code.
Too many cooks spoil the sauce.
Two-thirds of those surveyed cited difficulties in packaging open source software for production, as well as ownership issues. Many do not know if the dependencies are compliant, while others find it difficult to keep track of the dependencies installed by package managers.
One in ten companies uses no tools for packaging, while two-thirds use multiple tools, which only adds to the complexity. While the majority (65%) have at least one dedicated OSS packaging team, some organizations have up to five teams involved.
In most organizations, the security team is not ultimately responsible for validating and authorizing OSS in production; it holds that responsibility in a tenth of them.
On top of that, more than half (54%) use different security tools for free software than they do for other software.