Open source security flaws found in 70 percent of applications

New research from application security specialist Veracode finds seven in 10 applications have a security flaw in an open source library on initial scan, highlighting how use of open source can introduce flaws, increase risk, and add to security debt. The study analyzed the component open source libraries across the Veracode platform database of 85,000 applications, accounting for 351,000 unique external libraries. Nearly all modern applications, including those sold commercially, are built using some open source components. This means that a single flaw in one library will cascade to all applications using that code. According to Chris Eng, chief research… [Continue Reading]