2019 OSSRA Infographic: Open Source Trends and Findings

How secure is your OSS code? Let's take a look.

Fred Bals · May. 16, 19 · Presentation

Do you know what’s in your code? Open source can be a great foundation for modern software development. But if you don’t manage it properly, you open yourself up to security, license compliance, and code quality risks.

The 2019 Open Source Security and Risk Analysis report examines audit data from 1,200+ commercial codebases and reveals trends in how organizations are using and managing open source—and where there’s room to improve. Our new infographic shows the most important open source trends from the 2019 OSSRA report. Download the PDF version here.

Infographic: Findings from the 2019 OSSRA


There’s been a significant uptick in open source adoption:

  • 96% of the codebases contained open source components.
  • The average codebase contained 298 open source components.
  • In 13 out of 17 industries, more than 50% of the average codebase comprised open source.

More vulnerabilities are being disclosed than ever before:

  • Over 40% of the codebases contained at least one high-risk vulnerability.
  • 60% of the codebases contained at least one vulnerability.
  • 7,393 vulnerabilities were added to the Black Duck KnowledgeBase in 2018.

Many organizations are failing to patch/update open source components:

  • One codebase contained a high-risk vulnerability that was nearly 30 years old.
  • 43% of the codebases contained vulnerabilities over 10 years old.
  • 85% of the codebases contained components that were out of date or inactive for at least two years.

License conflicts add to risk:

  • 32% of the audited codebases contained custom licenses that could cause conflict or needed legal review.
  • 68% of the codebases contained license conflicts.

Numbers were taken from anonymized data on 1,200+ commercial codebases from 17 industries—from aerospace to virtual reality—examined in 2018 in Black Duck Audits.

Open source trends Infographic

Published at DZone with permission of Fred Bals, DZone MVB. See the original article here.
