Open Source Security: Weighing the Pros and Cons

Over the past few years, open source has grown in popularity, especially among developers using open source code in their application development efforts. Open source software offers incredible benefits to enterprise IT and development efforts. Free, available software libraries mean cost savings, easy customization, speed, agility and flexibility for development and IT teams.

There are two types of open source software:

  • PROJECT/COMMUNITY OPEN SOURCE: Developed by a community of developers who voluntarily create, update and support the source code. Examples of community open source projects are Linux and Apache Web Server.
  • COMMERCIAL OPEN SOURCE SOFTWARE (COSS): Open source software owned by a single entity. The owner only accepts code contributions if the contributor transfers copyright of the code to this entity. This kind of open source software may cost money, or it may be free. Red Hat is an example of a COSS company.

In the security space, open source hasn’t been as widely embraced, mostly because of concerns over vulnerabilities. While open source software comes from a community of passionate developers, most have very little understanding of the security problems they can create through code. But is open source software actually any less secure than proprietary software?

In this ebook, we examine the state of open source security, and look at the security benefits and challenges when using open source software. How can IT leaders implement open source securely in their organization and know they are making the right decision for their business?