We are pleased to share a contribution from Fausto Oliveira, Acceptto’s Principal Security Architect, in a TechBeacon article on the topic of open-source risks to application security.
Watch your codebase for obsolete open-source components, as they can pose an operational risk to an organization. According to Synopsys analysis, 85% of them were four years out of date.
“There might be vulnerabilities and defects lurking in those projects and, by using those components, the organization is incurring additional risks.”
“Without an active community, those components are simply too risky to use in production. Unless the organization is willing to maintain the code project, it must avoid using ‘fossil’ code.”
Read the full article here at TechBeacon.