Key findings from Synopsys’s 2020 Open Source Security & Risk Analysis report

The 2020 Open Source Security and Risk Analysis report examines audit data from 1,250+ commercial codebases and reveals trends in how organisations are using and managing open source — and where there’s room to improve. Our new infographic shows the most important open source trends from the 2020 OSSRA report. Get the PDF version here.

Numbers were taken from anonymised data on 1,253 commercial codebases from 17 industries — from aerospace to virtual reality — examined in 2019 by the Black Duck Audit Services team.

Codebases & open source

99% of codebases audited in 2019 contained open source components.
In 9 of 17 industries, 100% of the codebases contained open source.
Open source made up 70% of the audited codebases.

Vulnerabilities

75% of codebases contained vulnerabilities.
49% of codebases contained high-risk vulnerabilities.

Licensing

33% of codebases contained unlicensed software.
67% of codebases had license conflicts.

Operational factors

82% of codebases had components more than four years out of date.
88% of components had no development activity in the last two years.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Tech in our Time

understanding the tech of tomorrow, today.

Key findings from Synopsys’s 2020 Open Source Security & Risk Analysis report

Leave a Reply Cancel reply

Share this:

Like this:

Related

Leave a Reply Cancel reply