Software Integrity Blog

 

[Infographic] Key findings from the 2020 OSSRA report

Our 2020 OSSRA infographic shows key findings and open source trends from the Synopsys Open Source Security and Risk Analysis report. Download the free PDF.

Do you know what’s in your code? Open source can be a great foundation for modern software development. But if you don’t manage it properly, you open yourself up to security, license compliance, and code quality risks.

The 2020 Open Source Security and Risk Analysis report examines audit data from 1,250+ commercial codebases and reveals trends in how organizations are using and managing open source—and where there’s room to improve. Our new infographic shows the most important open source trends from the 2020 OSSRA report. Get the PDF version here.

Download the 2020 OSSRA report

2020 Open Source Trends at a Glance

Numbers were taken from anonymized data on 1,253 commercial codebases from 17 industries—from aerospace to virtual reality—examined in 2019 by the Black Duck Audit Services team.

Codebases & open source

  • 99% of codebases audited in 2019 contained open source components.
  • In 9 of 17 industries, 100% of the codebases contained open source.
  • Open source made up 70% of the audited codebases.

Vulnerabilities

  • 75% of codebases contained vulnerabilities.
  • 49% of codebases contained high-risk vulnerabilities.

Licensing

  • 33% of codebases contained unlicensed software.
  • 67% of codebases had license conflicts.

Operational factors

  • 82% of codebases had components more than four years out of date.
  • 88% of components had no development activity in the last two years.

Find more information on improving your open source management in the 2020 Open Source Security and Risk Analysis report.
