Enterprise OSS Packages Expose Users to Risk
By CXOtoday Staff, Jul 29, 2008 1205 hrs IST
Tags: Fortify Software, Roger Thornton, Open Source Security
According to Fortify Software's Open Source Security study, widely used open source software packages for the enterprise are exposing users to significant and unnecessary business risk.
The study also validates that Open Source Software (OSS) development communities have yet to adopt a secure development process and often leave dangerous vulnerabilities unaddressed.
The survey examined 11 of the most common Java open source packages. Fortify recommends that enterprises follow the example of financial services companies in applying risk and coding analysis techniques to their open source software.
Enterprises should raise security awareness within open source development communities and emphasize the importance of preventing vulnerabilities upstream. Enterprise security teams should articulate their security requirements to open source maintainers to accelerate the adoption of secure development lifecycles, according to a press release.
They should also perform assessments to understand where their open source deployments and components stand from a security standpoint, and then remediate vulnerabilities internally, the release said.
Roger Thornton, founder and CTO of Fortify Software, said, "The software could be developed in-house, purchased off-the-shelf, outsourced, or as we're seeing more often, based on open source. In order to mitigate the business risk created by insecure applications, it is imperative that companies adopt a process that allows them to assess, remediate and prevent security vulnerabilities in all of their business software, whatever the source."


