Friday, July 25, 2008

Study Paints Open-Source Software as a Security Risk

Open source software is a significant security risk for corporations that use it because, in many cases, the open source community fails to adhere to minimal security best practices, according to a study released Monday.

The study, carried out by Fortify Software with help from consultant Larry Suto, evaluated 11 open source software packages and each community's response to security issues over the course of about three months. The goal was to find out, for example, whether the community for each open source software package was responsive to security questions or vulnerability findings, published security guidelines, and maintained a secure development process.

Open source application server Tomcat scored the best in the study, titled "Open Source Study -- How Are Open Source Development Communities Embracing Security Best Practices?"
