Software quality was thrown into the limelight this year by the open source Heartbleed bug, as the world realized how insecure the IT services it uses daily actually are.
Blind trust in Open Source Software Quality?
However, while enterprise IT organizations have come to realize the benefits of using open source, blindly trusting the open source community to catch every mistake in the code is not a sound business decision, and quite frankly, unfair towards open source developers.
You can find open source code all over business applications -- in web servers running Linux and Apache, in databases, in mobile operating systems, and in enterprise-grade code libraries. The problem is that, while enterprise developers cut and paste code into their applications to keep up with a breakneck velocity, they can't accurately assess what kinds of vulnerabilities are present in the code.
Securing open source
To help make sense of this software development catch-22, our own Lev Lesokhin spoke with CSO Online about how large IT organizations can secure their business critical applications from known vulnerabilities and shoddy software quality. Be sure to check out the article here.
How are you checking software quality of open source?
How are you using open source software in your organization? And are you taking the proper steps to secure it? If not, you could be leaving your organization's IT vulnerable to countless attacks and slowdowns.
Trust but verify open source software quality
CAST offers a solution for analyzing open source (and customer code) software quality and regaining control of your application. If unscrupulous code is taking away from organization performance or increasing costs, it is time to consider further analysis to identify these problems long before they cause extensive infrastructure damage.
Learn how to improve your bottom line with software intelligence generated by CAST. Click here for a free demo.
Erik Oltmans, an Associate Partner from EY, Netherlands, spoke at the Software Intelligence Forum on how the consulting behemoth uses Software Intelligence in its Transaction Advisory services.
Erik describes the changing landscape of M&A. Besides the financial and commercial aspects, PE firms now equally value technical assessments, especially for targets with significant software assets. He goes on to detail how CAST Highlight makes these assessments possible with limited access to the target's systems, customized quality metrics, and liability implications of open source components, all three of which are critical for M&A due diligence.