When it comes to open source and security, one of the most popular words that pops into the head of security aficionados and professionals is “dread.” Certainly that perception is driven by open source’s reputation – it is seen as fast, easy, low cost and, well, risky. With unknown hands touching the code – and a surprisingly low number of developers maintaining common components – it’s challenging for CSOs and security professionals to have much trust. This is especially true when you take into consideration the number of highly-publicized reports of malicious code hiding in open source code.

But there are ways for security and open source to be friends. In this podcast, Forrester Principal Analyst Amy DeMartine suggests that teaming up with developers, establishing an executive sponsor and getting more involved with open source projects are just a few of the ways we’ll improve open source and our relationship with it in 2018.

Show Notes:

Laura Paine is a senior web content developer at CA Veracode, focused on research, product and current events. She is a contributor to the CA Technologies Security.com blog and responsible for publishing CA Veracode's State of Software Security Report. Prior to taking this position in content marketing, Laura was the global public relations and analyst relations manager for the business unit. Follow Laura on Twitter and LinkedIn.
