We help software and technology companies to use open source solutions more effectively, by finding and mitigating security and license compliance issues early in the development process and in their continuous delivery process.
As enterprises expand their use of open source software, the challenge of understanding which open source components are in use across the organization, and the exposure each one carries, grows with it. Without clear insight into the software supply chain, the business faces significant risk on two fronts: exposure to known vulnerabilities in those components, and non-compliance with their licenses.
Our increasing dependence on embedded software in all facets of life has made the software supply chain a critical issue, at times putting human life at risk. Examples include the 2020 ransomware incident that forced a hospital in Germany to turn away patients, one of whom later died, and the 2021 attempt by an attacker to poison a Florida city's water supply after gaining remote access to the plant's SCADA control system.
This report compiles the data from over 100 Revenera audit services projects in order to identify the latest trends in what companies know about the open source software (OSS) in their applications, the associated license compliance and security risk, and the severity of the issues discovered. With open source use continuing to grow and attacks on the software supply chain increasing, this report is essential to understanding how to seize the opportunities OSS provides while protecting IP and avoiding the revenue loss that unmanaged risk can cause.
To fully realize the rewards of using open source software, your organization must also understand and manage its associated risks. Aberdeen’s analysis of the findings from hundreds of software composition analysis audits uncovers key insights you need to help make better-informed business decisions about how licensing-related risks should be prioritized and managed to an acceptable level.