18.12.2020
Dr. Andreas Kotulla
Flexera
The more ubiquitous open source software becomes, the greater its potential to bring hidden risk to organizations, both through the security vulnerabilities of open source dependencies and through improper licensing. Those risks are the subject of a new IDC report, “Addressing the Hidden Costs of Embedding Open Source Software.”
The vulnerabilities presented by open source dependencies are real, but your organization isn’t powerless against them: a Software Composition Analysis (SCA) strategy addresses them. Having an SCA strategy is so crucial, in fact, that IDC recommends that every organization use, or consider the use of, an SCA solution. SCA tools allow organizations to scan code and track both direct and indirect components by means of a Software Bill of Materials (SBOM).
Being proactive about properly securing and licensing open source software through an SCA strategy builds confidence in its use and ensures it can continue to safely deliver benefits that are becoming essential to organizations and their end users.
Read more of this blog by Kendra Morton, Product Marketing Team Lead at Revenera.