An Open Source Risk Sherpa
Open source software (OSS) has clearly become ubiquitous, with over 70% of applications utilizing open source components, according to Gartner. Although this is helping organizations dramatically reduce the time to market for their software, Common Vulnerabilities and Exposures (CVEs) within OSS components continue to be a significant risk. For example, the Heartbleed vulnerability affected over 66% of all active websites in the world, with an estimated cost of almost $500 million to fix it.