Managing the Business Risks of Open Source - Seguridad Mania.com - España y América Latina

It’s no secret that “software is eating the world,” as Marc Andreesen once described – and it’s taking entire communities of development to support it. Over the last decade, open source has become a primary contributor to software in the enterprise. According findings of the Synopsys Center for Open Source Research and Innovation, the average percentage of open source in the codebases scanned by the company's Black Duck audit service increased to 57% from only 36% the prior year. But open source isn’t risk-free: • The security of open source has captured headlines – through the exploitation of the trust placed in community participants, as well as through vulnerabilities that may exist in open source code. Some high-profile incidents have cost business leaders their jobs. • Software represents a substantial investment of intellectual property on which the business itself may depend. Assuring the proper licensing, custody and use of that software is key to reducing business liabilities • When one business acquires or merges with another, software may represent a significant aspect of the investment – if not the primary target. Assurance of the proper ownership and rights in that IP, as well as the security, may make or break a deal. Join Scott Crawford, Research Director for Information Security with 451 Research, and Phil Odence, General Manager of Synopsys’ Black Duck audit group, to take a closer look at these factors, and learn more about approaches that can help businesses more thoroughly evaluate, understand and help eliminate these risks.