2020 Open Source Security and Risk Analysis (OSSRA) Report
A deep dive into the state of open source security, license compliance, and code quality risk
Open source is a great foundation for modern software development. But when not managed properly, open source can expose you to numerous risks—including licensing, security, and code quality risk.
The 2020 Open Source Security and Risk Analysis (OSSRA) Report is the resource you need to learn why you need to identify and manage the open source in your code. Based on the anonymized data from more than 1,250 audited codebases, the report provides insights and eye-opening statistics about open source security, license compliance, and code quality risk in commercial software.
Download the 2020 OSSRA report
The 2020 OSSRA report contains detailed sections on:
The need for a software bill of materials (BOM)
Open source composition of codebases audited in 2019
The threat of unpatched open source vulnerabilities
Vulnerabilities found in our audits
Recommendations on setting vulnerability patching priorities