Open Source

March 18, 2024

Nearly three-quarters of commercial codebases assessed for risk contain open source components impacted by high-risk vulnerabilities, representing a sharp uptick from the previous year, according to the Open Source Security and Risk Analysis (OSSRA) report from Synopsys ...

February 29, 2024

Open source code is the bedrock of modern application development. Many applications are built almost entirely from open source components ... So what should you be looking for when making open source package choices for your applications? Here are ten critical questions to ask yourself before using an open source project ...

February 21, 2024

According to the 2024 State of Open Source Report — from Perforce in collaboration with the Open Source Initiative and the Eclipse Foundation — 95% of respondents say that they have increased or maintained their use of open source in 2023 (33% of those significantly so) ...

October 26, 2023

Companies relying on open-source libraries introduce risks to their end-users, so they're on the hook for thoroughly auditing all software. The internal security principles guiding the auditing process are often called open-source governance. However critical, open-source governance principles can hinder vital development metrics like deployment time. Navigating the balance between organizational imperatives and risk management is thus an ever-more essential — and challenging — aspect of a developer's daily life ...

October 05, 2023

In 2023, twice as many software supply chain attacks took place as 2019-2022 combined, according to State of the Software Supply Chain Report ...

April 25, 2023

In mid 2022, the Open Source Software Security Foundation (OpenSSF) launched a 10-point plan to promote and improve the security of open source software. Here are their observations in combination with our own ...

April 24, 2023

Open source isn't a strategy, it's a philosophy of collaboration. It's the fabric of millions of commercial projects in industries like FinTech, IT and AI. But there's something curious about open source — it makes up the majority of codebases, so surely the packages have hundreds of eyes keeping watch on their security posture? Unfortunately not ...

April 19, 2023

Open-source software (OSS) constitutes over 70% of all software, and a new report — What's in Your Open-Source Software? — compiled by Lineaje Data Labs, uncovers the inherent risk and ease of software supply chain tampers in the Apache Software Foundation's most popular products and their dependencies ...

March 21, 2023

While open source is no more or less vulnerable than any other type of software, vulnerabilities in the open source supply chain cannot be managed in the same way as the software an organization creates in-house or purchases from a commercial vendor. There are several reasons why ...

January 11, 2022

As part of the 2022 DevOps Predictions list, DEVOPSdigest asked industry experts how they think cloud will evolve and impact DevOps in 2022. This is Part 2 ...

April 15, 2021

Teams have made great strides to support the shift toward digital-focused solutions and capabilities, but the clock is ticking for those companies that are lagging in their digital innovation efforts. In Kong Inc.'s second annual Digital Innovation Benchmark, 51% of the 400 IT leaders surveyed in the US and Europe believe that their organization can only survive up to three years before going out of business or being absorbed by a competitor if they are unable to keep up with digital innovation ...

December 14, 2020

Industry experts offer thoughtful, insightful, and often controversial predictions on how DevOps and related technologies will evolve and impact business in 2021. Part 3 covers DevOps tools and automation ...

January 16, 2020

2020 will mark a tipping point in cloud, as new applications and software will become "cloud first" — and technology that avoids the cloud will increasingly be seen as a costly oddity ...

October 10, 2019

Given the collaborative, transparent nature of open source software, one of the best ways to determine what's driving the industry — and what stands to impact it in years to come — is to simply notice what everyone is talking about. In reviewing the speaker proposal data from O'Reilly's Open Source Software Conference (OSCON), we were able to determine how interest in popular open source software topics have evolved, how industry professionals are approaching and interpreting them, and which tools are becoming increasingly prevalent. Below are three core findings that are indicative of where open source software is headed ...

May 29, 2019

It's become common practice to use open source languages to code, helping companies iterate and release more quickly in a DevOps world. However, these languages bring some challenges with them, adding complexity and risk. Developers are still wasting time on retrofitting languages to comply with enterprise criteria, according to ActiveState's annual developer survey ...

December 03, 2018

ActiveState surveyed developers and programmers in 92 countries to better understand their pain points and assess how businesses can better work with their organizations. The survey results establish a starting point for understanding the challenges that coders confront when working with open source runtimes ...

September 13, 2018

"Our research provides compelling evidence that smart investments in technology, process, and culture drive profit, quality, and customer outcomes that are important for organizations to stay competitive and relevant -- both today and as we look to the future," said Dr. Nicole Forsgren, co-founder and CEO of DevOps Research and Assessment (DORA), referring to the organization's latest report Accelerate: State of DevOps 2018: Strategies for a New Economy ...

August 23, 2018

After another record year of breaches, The 2018 DevSecOps Community Survey found that 3 in 10 respondents suspected or verified breaches stemming from vulnerabilities in open source components — a 55% increase over 2017, and 121% increase since 2014 ...

April 12, 2018

Only 52 percent of developers using commercial or open source components in their applications update those components when a new security vulnerability is announced, according to new research conducted by Vanson Bourne for CA Veracode, part of CA Technologies. This highlights organizations' lack of security awareness and puts organizations at risk of a breach ...

August 21, 2017

Open source technologies are permeating every aspect of business operations and digital transformations. They are integral to mission-critical functionality. According to a recent survey from NodeSource, 91 percent of enterprise software developers believe new companies will be created from today's open source projects ...

July 18, 2017

In the last year, businesses around the globe significantly increased their use of open source and although they readily acknowledge growing concerns about open source-related security and operational risks, the effective management of open source is not keeping pace with the increase in use ...

December 19, 2016

DevOps experts — analysts and consultants, users and the top vendors — offer thoughtful, insightful, often controversial and sometimes contradictory predictions on how DevOps and related technologies will evolve and impact business in 2017. Part 6, the final installment, covers DevOps tools and DevOps people ...

December 07, 2016

DevOps still challenges IT organizations particularly when applied to complex, heterogeneous legacy IT. Those systems must be monitored, secured, scaled, load balanced, and configured, a task that can quickly unravel the promise of DevOps. That's because we tend to carry over many of the pre-DevOps manual and time-consuming infrastructure management tasks into the new world order ...

May 31, 2016

DevOps is firmly in the mainstream today but it is not static. The next generation of DevOps tools is evolving, and the success of DevOps is driving changes in software architecture styles. Ovum's latest research shows some important ways DevOps is changing and driving change ...