Telecom Cloud and its Open Source Risks
Thursday, 09 March 2023
by Traced
According to federal cyber authorities, some new and emerging technologies that are taking over the telecoms space are presenting inherent security risks to users and providers. These open-source options provide companies with simpler tools whilst using vulnerable code that can leave spaces for third parties and hackers to breach systems. Open source interfaces and components
- Published in Open Source Security
Avoid Surprises: Don’t Let Open Source Issues Impact a Transaction
Friday, 17 February 2023
by Traced
Open source software (OSS) is becoming increasingly popular and is widely used by companies of all sizes, but it also presents challenges for businesses. One of the biggest challenges is ensuring the software is used in compliance with the licenses of each component. This is particularly important for companies involved in mergers and acquisitions, as they need to
- Published in Open Source Security
Software Security Checkpoints in the SDLC
Thursday, 29 December 2022
by Traced
How Widespread Are Software Security Checkpoints in the SDLC? According to the 13th and latest edition of the annual Synopsys Building Security In Maturity Model (BSIMM) report, 90% of the member organisations surveyed have established software security checkpoints in their software development lifecycle (SDLC), suggesting this is an important step in their software security initiatives.
- Published in Open Source Security
The Balance Between Open Source Software and Monetisation
Thursday, 22 December 2022
by Traced
Can OSS Be Commercially Viable? It is commonly assumed that OSS and monetisation do not readily go hand in hand. After all, OSS is commonly referred to as “free software”. However, it is a slight misconception that “free” means “free of charge” in this context. It actually refers to the freedom of open source users
- Published in Open Source Development
Tagged under:
open source software
Why it’s important to not ignore Log4j
Thursday, 15 December 2022
by Traced
Open-source software is becoming more popular, which is beneficial for many reasons, but with this comes an inevitable rise in the number of open-source vulnerabilities and misconceptions. In this blog, we will explore why you shouldn’t ignore Log4j or leave high-severity vulnerabilities in application code. Vulnerability analysis A recent statistic claimed that “96% of Log4j
- Published in Insight, Open Source Risk, Open Source Security
Tagged under:
open source software
The risks of neglecting open source developers
Thursday, 08 December 2022
by Traced
Nowadays, it is rare to find a business which does not use open source software. OpenUK’s 2022 “State of Open” report found that although 89% of businesses were relying on OSS, many of them had no idea of its details, despite this software being essential for the running of the business. A responsible business should
- Published in Insight
Tagged under:
open source software
How government can rebuild trust in open source software
Thursday, 01 December 2022
by Traced
Open source software (OSS) provides developers with many benefits, allowing them to streamline common features and tasks within the software, leaving more time for the development of project-specific elements which are unique to the software they are building. Unfortunately, the popularity of OSS means that it is a target for cyber criminals. Lacking the rigorous
- Published in Insight
Tagged under:
open source software
Know your ingredients! How SBOMs protect code
Thursday, 24 November 2022
by Traced
What is an SBOM? When making a good meal or buying food in the supermarket, we always pay attention to the ingredients used. You wouldn’t use meat of unknown origin in your chilli or make an omelette with eggs if you thought they might be out of date. If your friend is allergic to peanuts,
- Published in Insight, Open Source Security, SBOMs, Software Supply Chain
Tagged under:
open source software
How to start an Open Source Program Office (OSPO)
Thursday, 17 November 2022
by Traced
What is an OSPO? In the modern world, tech companies are becoming more reliant on open source software (OSS) when building their solutions. The open source libraries from which developers take OSS components are governed by licences. Complying with the licence is the responsibility of the organisation using the library, and failure to do this
- Published in Insight
Tagged under:
open source software
Using open source software responsibly
Thursday, 10 November 2022
by Traced
Why is responsible OSS usage important? Nowadays, it is difficult to find a software development project that doesn’t rely on OSS to a greater or lesser extent. That includes, but is not limited to, any web client, node.js, Java or .NET software, and UI widgets. Open source software is a living, breathing ecosystem and, like
- Published in Insight
Tagged under:
open source software