Title: Manage Open Source Risk but Keep Engineers Empowered
Manage Open Source Risk but Keep Engineers Empowered
One of the major challenges faced by developers is to create a unique, customized, and compelling customer experience quickly. As a result, they no longer write all their own code to solve every problem. Instead, they assemble, configure, and automate their code and often rely on common open source components to quickly add application functionality. One recent study showed a 21% year-over-year increase in the average number of open source components across the study's evaluated codebase. However, these same critical open source components continue to present a risk to businesses.

The State of Open Source Consumption

According to the latest report on the State of Enterprise Open Source, written by Gordon Haff, a technology evangelist at Red Hat, 95% of respondents say open source is strategically important. The survey of 950 IT leaders was commissioned by Red Hat to better understand the unique role of enterprise open source. Interestingly, the respondents were unaware that Red Hat was the sponsor of this research. As part of this survey, 77% of respondents agree that enterprise open source will continue to grow. They believe that the growth of open source software will come at the expense of proprietary software. Respondents cite security and cloud management tools as top uses of enterprise open source.
The Risk Involved with Open Source

- Open Source Security refers to the risks developers and security teams face today when running third-party, open source code in their applications, and the processes, methodologies, and tools they deploy to mitigate them.
- Open source risk is growing exponentially. Senior Infosec Architects need a 360-degree view of application security issues across custom code and open source components before the code is pushed through to the QA team.
- 80% of application code comes from open source libraries.
- 62% of organizations do not have any control over what components are used in their applications.
- 31% of organizations experienced a breach related to vulnerable open-source components.
- Open source is powering the digital transformation we are witnessing today and is used by companies of all sizes, across all industry verticals. Yet it also comes with risks. Developers are pulling in vast amounts of open source dependencies without any security control or visibility.
- Acknowledging these risks is an important first step, but it should be followed up with investment in and maintenance of a well-articulated Open Source Security plan that includes continuous security testing and monitoring.
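The continuous testing this plan calls for, and the severity-triggered remediation policies the post describes next, as an added example (not Cigniti's, Sonatype's or the original post's code): a small policy engine that triages a constructed SCA findings list by CVSS score, decides per component whether to block the build, raise an automated upgrade, open a ticket or just monitor, and falls back to a ticket when no fixed release exists to upgrade to. The thresholds, component names, versions and EXAMPLE-* vulnerability ids are all assumed.

```python
# Added example (not Cigniti's, Sonatype's or the post's code): severity-policy
# triage of SCA findings. Thresholds, findings and EXAMPLE-* ids are constructed.
from dataclasses import dataclass
from typing import Optional

# Policy table, ordered from most to least severe: (CVSS floor, action).
POLICY = [
    (9.0, "block_build"),   # fail the pipeline before the QA hand-off
    (7.0, "auto_upgrade"),  # open an automated dependency bump
    (4.0, "ticket"),        # track for scheduled remediation
    (0.0, "monitor"),       # keep on the watch list
]
RANK = [action for _, action in POLICY]  # lower index = stricter action

@dataclass
class Finding:
    component: str
    version: str
    vuln_id: str
    cvss: float
    fixed_in: Optional[str]  # None when no patched release exists yet

def severity_action(cvss: float) -> str:
    for floor, action in POLICY:
        if cvss >= floor:
            return action
    return "monitor"

def plan_remediation(findings: list) -> dict:
    """Map each component to the required action and give a build verdict."""
    actions = {}
    for f in findings:
        action = severity_action(f.cvss)
        # An automatic upgrade needs a fixed release to move to; without one
        # the finding goes to a human rather than staying "auto_upgrade".
        if action == "auto_upgrade" and f.fixed_in is None:
            action = "ticket"
        current = actions.get(f.component)
        if current is None or RANK.index(action) < RANK.index(current[0]):
            actions[f.component] = (action, f.fixed_in)  # strictest per component
    build_ok = not any(a == "block_build" for a, _ in actions.values())
    return {"actions": actions, "build_ok": build_ok}

# Constructed SCA report: ids and scores are placeholders, not real CVEs.
SAMPLE = [
    Finding("libxml-parser", "1.2.0", "EXAMPLE-0001", 9.8, "1.2.1"),
    Finding("http-client", "4.0.3", "EXAMPLE-0002", 7.5, "4.1.0"),
    Finding("http-client", "4.0.3", "EXAMPLE-0003", 5.3, "4.1.0"),
    Finding("yaml-loader", "0.9.0", "EXAMPLE-0004", 8.1, None),
    Finding("string-pad", "2.0.0", "EXAMPLE-0005", 3.1, "2.0.1"),
]
```

Running `plan_remediation(SAMPLE)` blocks the build on the critical parser finding, schedules an automated bump for the HTTP client (its two findings collapse to the stricter action), and routes the high-severity loader to a ticket because no fixed version exists.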
After prioritization, it is equally imperative to remediate these vulnerabilities automatically. Based on the security vulnerability policies triggered by the severity of the detected vulnerabilities, automated remediation workflows can be initiated. A good SCA solution helps you keep your open source components continuously patched to avoid being exposed to known vulnerabilities. The main challenge in today's complex digital world lies in securing your application. With the right Software Composition Analysis solution, you are one step closer to mitigating your open source risk.

Cigniti invites you to join an interesting webinar where Rajesh Sarangapani, Head of Innovation Practice at Cigniti, will be joined by Mitun Zavery, Director Pre-Sales Engineering, Sonatype, to discuss how enterprises need to secure not just the code they write, but also the code they consume from open source projects. The session will help attendees understand the state of open source consumption and the risks involved with it. They will also get an understanding of why Software Composition Analysis is a must-have and how the open source challenges can be dealt with. Register for the webinar and save your spot to listen to some interesting insights on Feb 24th, 2021.

Being a global leader in independent quality engineering services, Cigniti is a strong advocate of Quality Assurance and its implementation right from the early stages of the software lifecycle. We encourage customer feedback and believe in including such feedback in our broader testing approach. We take great measures to ensure that we are fully equipped with state-of-the-art services and have partnered with other experts that specialize in providing testing services. Talk to us.