Know your open source code

Cited by: 3
Authors
Pittenger M. [1]
Affiliation
[1] Black Duck Software, United States
DOI
10.1016/S1353-4858(16)30048-4
Abstract
Open source software use has moved from the fringes into the mainstream of software development, accelerating time to market and generating cost savings. However, a thoughtful approach to adoption is essential, says Mike Pittenger of Black Duck Software. Lack of visibility into the open source in use - particularly to known security vulnerabilities that have found their way into the codebase - exposes organisations to exploitation that could result in financial losses, business disruption, customer defection, legal action and brand risk. © 2016 Elsevier Ltd.
Pages: 11 - 15
Number of pages: 4