Why it’s important to not ignore Log4j
Thursday, 15 December 2022
by Traced
Open-source software is becoming more popular, which is beneficial for many reasons, but with this comes an inevitable rise in the number of open-source vulnerabilities and misconceptions. In this blog, we will explore why you shouldn’t ignore Log4j or leave high-severity vulnerabilities in application code. Vulnerability analysis A recent statistic claimed that “96% of Log4j
- Published in Insight, Open Source Risk, Open Source Security
Tagged under: open source software
The risks of neglecting open source developers
Thursday, 08 December 2022
by Traced
Nowadays, it is rare to find a business which does not use open source software. OpenUK’s 2022 “State of Open” report found that although 89% of businesses were relying on OSS, many of them had no idea of its details, despite this software being essential for the running of the business. A responsible business should
- Published in Insight
Tagged under: open source software
How government can rebuild trust in open source software
Thursday, 01 December 2022
by Traced
Open source software (OSS) provides developers with many benefits, allowing them to streamline common features and tasks within the software, leaving more time for the development of project-specific elements which are unique to the software they are building. Unfortunately, the popularity of OSS means that it is a target for cyber criminals. Lacking the rigorous
- Published in Insight
Tagged under: open source software
Know your ingredients! How SBOMs protect code
Thursday, 24 November 2022
by Traced
What is an SBOM? When making a good meal or buying food in the supermarket, we always pay attention to the ingredients used. You wouldn’t use meat of unknown origin in your chilli or make an omelette with eggs if you thought they might be out of date. If your friend is allergic to peanuts,
- Published in Insight, Open Source Security, SBOMs, Software Supply Chain
Tagged under: open source software
How to start an Open Source Program Office (OSPO)
Thursday, 17 November 2022
by Traced
What is an OSPO? In the modern world, tech companies are becoming more reliant on open source software (OSS) when building their solutions. The open source libraries from which developers take OSS components are governed by licences. Complying with the licence is the responsibility of the organisation using the library, and failure to do this
- Published in Insight
Tagged under: open source software
Using open source software responsibly
Thursday, 10 November 2022
by Traced
Why is responsible OSS usage important? Nowadays, it is difficult to find a software development project that doesn’t rely on OSS to a greater or lesser extent. That includes, but is not limited to, any web client, node.js, Java or .NET software, and UI widgets. Open source software is a living, breathing ecosystem and, like
- Published in Insight
Tagged under: open source software
What are the risks posed by open source software, and how can I defend myself?
Thursday, 03 November 2022
by Traced
Open source software is used by lots of businesses and developers. Whether creating new applications, or keeping a company running smoothly, OSS plays an integral role in our everyday lives. Lauded as a tech utopia for its transparency, accessibility and lack of regulation, the things that have made it so attractive are also a source
- Published in Insight
Digital dilemma – the security issues of open source software
Friday, 28 October 2022
by Traced
Tech utopia or security risk? The ideals behind open source software (OSS) are championed by many. Publicly shared code, which can be accessed, modified, improved and distributed freely by anyone. A truly collaborative effort for the greater good. With complete transparency, OSS should, in theory, be completely secure. However, certain security risks lie within this
- Published in Insight