WhiteSource Bolt for GitHub: Free Open Source Vulnerability Management App for Developers
Dec 05, 2018
Developers around the world depend on open source components to build their software products. According to industry estimates, open source components account for 60-80% of the code base in modern applications. Collaboration on open source projects throughout the community produces stronger code, squashing the bugs and catching the vulnerabilities that impact the security of organizations who look to open source components as the key to their application building success. Thanks in part to the "thousand eyeballs" of the community, the number of reported vulnerabilities in open source projects is on the rise, spiking 51% in 2017 from the previous year. This is even more concerning since, as shown in the same study, most vulnerabilities are found in popular projects. Data shows that 32% of the top 100 open source projects have at least one vulnerability, meaning that developers have their work cut out for them, no matter which components they are using in their products....