2019 Open Source Security and Risk Analysis (OSSRA) Report
Can you say with confidence that the open source components used in your applications are up-to-date with all crucial patches applied? It’s impossible to patch software when you don’t know you’re using it.
The 2019 OSSRA report offers an in-depth look at the state of open source security, compliance, and code quality risk in commercial software. Based on the anonymized data of over 1,200 audited codebases, this report provides:
The latest insights and surprising statistics about open source security and license risk
The components most likely to have identified vulnerabilities
Six key recommendations to improve your application risk management processes