Intelligent CIO Middle East Issue 62 | Page 75

tech talk

NEW RESEARCH IDENTIFIES MAJOR GROWTH AND GAPS IN OPEN SOURCE ADOPTION

Tim Mackey, Principal Security Strategist, Synopsys Cybersecurity Research Center (CyRC), highlights how recent research has shone a light on growth and gaps in open source adoption, while offering advice to organisations on how to create secure applications.

Open source plays a critical role in today’s software ecosystem. The overwhelming majority of modern codebases contain open source components, with open source comprising 70% or more of the overall code.
One major reason for this is that with open source usage, teams can tap into expertise that they would be hard-pressed to hire as employees. And yet, as its adoption grows globally, so too do the mounting security risks posed by unmanaged, or poorly managed, open source usage. After all, you can’t manage, and importantly patch, what you don’t know you have.
Without the use of a software composition analysis (SCA) tool, which is designed to identify open source usage, knowing where open source components are used and what the current patch status of each component is can be a challenge.
A recent survey of 1,500 IT professionals working in cybersecurity, software development, software engineering and web development was conducted by the Synopsys Cybersecurity Research Center (CyRC) and Censuswide, an international market research consultancy. The report explores the strategies that