Manage Open Source Risk but Keep Engineers Empowered - PowerPoint PPT Presentation

Recent attacks exploiting vulnerabilities in open source code have exacted huge costs from enterprises, highlighting the criticality of Open Source Security and the need to execute and monitor related security strategies.


One of the major challenges faced by developers is to create a unique, customized, and compelling customer experience quickly. As a result, they no longer write all their own code to solve every problem. Instead, they assemble, configure, and automate their code and often rely on common open source components to quickly add application functionality.

One recent study showed a 21% year-over-year increase in the average number of open source components across the study's evaluated codebase. However, these same critical open source components continue to present a risk to businesses.

The State of Open Source Consumption

According to the latest report on the state of enterprise open source, written by Gordon Haff, a technology evangelist at Red Hat, 95% of respondents say open source is strategically important.

The survey of 950 IT leaders was commissioned by Red Hat to better understand the unique role of enterprise open source. Interestingly, the respondents were unaware that Red Hat was the sponsor of this research.

As part of this survey, 77% of respondents agree enterprise open source will continue to grow. They believe that the growth of open source software will come at the expense of proprietary software. Respondents cite security and cloud management tools as top uses of enterprise open source.
The Risk Involved with Open Source
  • Open Source Security refers to the risks
    developers and security teams are facing today
    when running third-party, open source code in
    their applications, and the processes,
    methodologies, and tools they are deploying to
    mitigate them. 
  • Open source risk is growing exponentially. Senior
    Infosec Architects need a 360-degree view of
    application security issues across the custom
    code and open source components before it is
    pushed through to the QA team. 
  • 80% of application code comes from open source
    libraries
  • 62% of organizations do not have any control over
    what components are used in their applications
  • 31% of organizations experienced a breach related
    to vulnerable open-source components
  • Open source is powering the digital
    transformation we are witnessing today and is
    used by companies of all sizes, across all
    industry verticals. Yet it also comes with risks.
    Developers are pulling in vast amounts of open
    source dependencies without any security control
    or visibility. 
  • Acknowledging these risks is an important first
    step but should be followed up with investment
    and maintenance of a well-articulated Open Source
    Security plan that includes continuous security
    testing and monitoring. 


After prioritization, it is equally imperative to remediate these vulnerabilities automatically. Based on the security vulnerability policies triggered by vulnerability detection severity, automated remediation workflows can be initiated. A good SCA solution helps you keep your open source components continuously patched to avoid being exposed to known vulnerabilities.

The main challenge in today's complex digital world lies in securing your application. With the right Software Composition Analysis solution, you are one step closer to mitigating your open source risk.

Cigniti invites you to join an interesting webinar where Rajesh Sarangapani, Head of Innovation Practice at Cigniti, will be joined by Mitun Zavery, Director Pre-Sales Engineering, Sonatype, to discuss how enterprises need to secure not just the code they write, but also the code they consume from open source projects. The session will help the attendees understand the state of open source consumption and the risks involved with it. They will also get an understanding of why Software Composition Analysis is a must-have and how open source challenges can be dealt with.

Register for the webinar and save your spot to listen to some interesting insights on Feb 24th, 2021.

Being a global leader in independent quality engineering services, Cigniti is a strong advocate of Quality Assurance and its implementation right from the early stages of the software lifecycle. We encourage customer feedback and believe in including such feedback in our broader testing approach. We take great measures to ensure that we are fully equipped with state-of-the-art services and have partnered with other experts that specialize in providing testing services. Talk to us.
