OSS in the Bull's-Eye: The Top Concern for DevSecOps Pros
This IDC Market Note looks at open source software (OSS) as a top concern among DevSecOps professionals and as a vector for security exposures. The industry is coming to realize that open source software carries both benefits and risks, with bad actors increasingly looking at OSS as a vector to exploit unsuspecting organizations.
"Open source software has long offered developers a boost in productivity, but recognition is growing that the benefits of OSS have increasingly been burdened with a growing security risk that accompanies community technology," said Al Gillen, GVP, Software Development and Open Source at IDC. "This is not to suggest that open source software should be avoided; instead, organizations need to operate proactively to ensure the OSS they are using is authentic; comes from a trustworthy, verifiable source; and is part of a supply chain that offers controls over what can enter that supply chain."