Companies that opt for open source software within their organizations could be leaving themselves open to security breaches.
That's according to software company Fortify, which has researched the implementation of several open source projects and found them lacking, with one executive suggesting that they could learn from Microsoft how to improve security.
The research, completed by security consultant Larry Suto, examined 11 of the most common Java open source packages. Fortify worked with open source maintainers and examined documented open source security practices to evaluate the level of security. The results were disappointing: the Fortify study found that many Open Source Software (OSS) development communities have not yet adopted a secure development process and often leave dangerous vulnerabilities unaddressed.