Security News South Africa

Study: OSS communities are often slackers in security

Enterprises using certain kinds of open source software may be exposing themselves to serious security risks, according to a study from Fortify Software. The study, which focused primarily on non-commercially supported OSS, found many packages have no ground rules for reporting bugs and do not adequately inform users about how to use the applications safely.

The most widely used open source software packages for the enterprise are exposing users to significant and unnecessary business risks, according to an open source security study from security firm Fortify Software.

The study, released Monday, concludes that open source software (OSS) development communities have yet to adopt a secure development process and often leave dangerous vulnerabilities unaddressed. Additionally, the study found that nearly all OSS communities fail to provide users access to security expertise to help fix these vulnerabilities and security risks.

The survey, sponsored by Fortify and completed by application security consultant Larry Suto, examined 11 of the most common Java open source packages.

