CAST

Software Quality: The Problem with Ignoring the Open Source Quality

Software quality, thanks to the open source Heartbleed bug, was thrown into the limelight this year as the world realized how insecure the IT services they use daily actually are.

Blind trust in Open Source Software Quality?
However, while enterprise IT organizations have come to realize the benefits of using open source, blindly trusting the open source community to catch every mistake in the code is not a sound business decision, and quite frankly, unfair towards open source developers.

You can find open source code all over business applications -- in web servers running Linux and Apache, in databases, in mobile operating systems, and in enterprise-grade code libraries. The problem is, while enterprise developers cut and paste code into their applications to keep up with a breakneck velocity, they can’t accurately assess what kinds of vulnerabilities are present in the code.

Securing open source
To help make sense of this software development catch-22, our own Lev Lesokhin spoke with CSO Online about how large IT organizations can secure their business critical applications from known vulnerabilities and shoddy software quality. Be sure to check out the article here.

How are you checking software quality of open source?
How are you using open source software in your organization? And are you taking the proper steps to secure it? If not, you could be leaving your organization’s IT vulnerable to countless attacks and slowdowns.

Trust but verify open source software quality
CAST offers a solution for analyzing open source (and customer code) software quality and regaining control of your application. If unscrupulous code is taking away from organization performance or increasing costs, it is time to consider further analysis to identify these problems long before they cause extensive infrastructure damage.

Learn how to improve your bottom line with software intelligence generated by CAST. Click here for a free demo.

Filed in: CAST News