When it comes to open source and security, one of the most popular words that pops into the head of security aficionados and professionals is “dread.” Certainly that perception is driven by open source’s reputation – it is seen as fast, easy, low cost and, well, risky. With unknown hands touching the code – and a surprisingly low number of developers maintaining common components – it’s challenging for CSOs and security professionals to have much trust. This is especially true when you take into consideration the number of highly publicized reports of malicious code hiding in open source code.

But there are ways for security and open source to be friends. In this podcast, Forrester Principal Analyst Amy DeMartine suggests that teaming up with developers, establishing an executive sponsor and getting more involved with open source projects are just a few of the ways we’ll improve open source and our relationship with it in 2018.

Show Notes:

Laura Paine is the senior content developer at Veracode, based in Burlington, MA. In this role, she is responsible for research, including publishing Veracode's annual State of Software Security Report, current events, and product content for the company blog. Prior to taking this role in content marketing, she was the global public relations and analyst relations manager.
