Information Security Forum explores the risks and challenges of open source software
According to the Information Security Forum (ISF), trusted resource for executives and board members on cybersecurity and risk management, open source software (OSS) is emerging as a core part of IT infrastructure and applications, largely due to the growing popularity of agile development methodologies and DevOps practices. With a substantial number of commercial and custom-made applications incorporating OSS, it cannot, and should not, be ignored.
In an effort to support global organizations, the ISF announces the release of Deploying Open Source Software: Challenges and Rewards, helping security professionals recognize the benefits and perceived challenges of using OSS and set up a program of protective measures to effectively manage OSS, which is often seen as being insecure and unsupported, says the release. "As these negative connotations continue to taint its reputation, some organizations officially prohibit it, even though they may unknowingly be using OSS. Others enthusiastically adopt OSS, harnessing its advantages, such as aiding flexible and rapid development. The latest paper from the ISF demonstrates that OSS can be a positive influence on software development, if used and managed responsibly," says the release.