‘One-in-four’ organisations don’t have faith in open source security

One-in-four organisations don’t have faith in open source security, according to a report commissioned by cybersecurity firm Snyk and The Linux Foundation.

The findings were based on a survey of more than 550 respondents, as well as data pulled from “1.3 billion” open source projects from Snyk’s Open Source platform.

The report found the average application development project has 49 vulnerabilities and 80 direct dependencies.

In addition, the time it takes to fix vulnerabilities within open source projects increased from 49 days in 2018 to 110 days in 2021, according to the report.

Despite firms recognising the potential dangers of open source security, the research found that fewer than half - 49 per cent - have a security policy in place for OSS development or usage.

Large firms are even more negligent, according to the report, with the proportion of firms with a specific open source security policy in place dropping to 27 per cent among medium and large-sized companies.

Furthermore, fewer than a third - 30 per cent - of organisations without an open source security policy are aware that, at the moment, no one is addressing the security of open source software.

“Software developers today have their own supply chains – instead of assembling car parts, they are assembling code by patching together existing open-source components with their unique code,” said Matt Jarvis, director, developer relations at Snyk. “While this leads to increased productivity and innovation, it has also created significant security concerns.”
