The hidden risks inside open-source code - Help Net Security
www.helpnetsecurity.com
Open source code scanning helps CISOs uncover risks and protect their software supply chain by identifying vulnerabilities before deployment.

Open-source software is everywhere. It runs the browsers we use, the apps we rely on, and the infrastructure that keeps businesses connected. For many security leaders, it is simply part of the environment, not something they think about every day. That is where trouble can start. James Cusick, a researcher at Ritsumeikan University, recently set out to answer a question: how secure is the code we depend on? His study looked at both open-source and … More → The post The hidden risks inside open-source code appeared first on Help Net Security.

  • tangeli@piefed.socialEnglish
    2·
    3 months ago

    And “six potential issues in just 682 lines of code” is not “about one problem for every 27 lines”.

    Also, no indication of how the code was selected or why they are credibly representative of FOSS and closed source software generally. I find it quite incredible.