Security shifts from blockchain to open source adoption driver

1640545394 Security shifts from blockchain to open source adoption driver

Statement: Companies used to look for open source at lower costs. That's still true, but driver is even more than security, according to a new developer study.

Image: iStock / natasaadzic

Companies have long turned to open source to save money. Studies over the years have captured consumers' intention to reduce costs through open source; analytics firms have called this too. Historically, such studies and / or analyzes have identified common barriers to adoption, including support and security.

Yet, attitudes towards open source have almost completely changed in the last decade. Well, except that organizations still plan to save money by using open source. But perhaps the biggest change of all is in the realm of security.

SEE: Top 5 programming languages ​​for learning systems (Free PDF) (TechRepublic)


    Open source times are 'cantgin'

    This fact struck me when I was reviewing the results of a developer review commissioned by my team. I knew that ideas were shifting, with more emphasis on open source to encourage business flexibility and less on things like “lock-in,” but I hadn't realized how unique the market was. has moved (Figure A.).

    Figure A.


    Image: AWS / Matt Asay

    As mentioned, cost is still a driver for open source adoption, but today's largest number of open source drivers was the biggest deterrent to 10 - year open source adoption Back: Security.

    This is despite things like Heartbleed and other well-publicized open source security breaches. This is despite the largest number of open source vulnerabilities reported. This is despite the fact that almost all the software we use is open source rooted with indefinite authentication or stability of some of these components (leading to the rise of Tidelift and others like them). And this, despite the fact that open source developers admit that they do not want to invest time in securing their code.

    READ  A new spy, Predator, has seized the phones of politicians and journalists - TechCrunch

    But it's probably, it's just because we've become more nimble about software and security, in general.

    Early on, people criticized open source security because, well, yes open. Certainly if hackers see problems in code, they can take advantage of it. Property sellers accumulated, building security through darkness. At the same time, proponents of open source have gone to the other end, arguing that open source is more secure than neglected because "by providing enough eyeballs, all beasts are shallow "The problem, of course, is that it's not true that a lot of" eyes "check open source code to make sure it's secure.

    So neither side was particularly right. But one thing for that has will emerge over time, although open source software is not much more secure (or less), it offers a better way process to get a code. Insects in open source code, when found, are quickly fixed through an open process. Unfortunately, this same process does not guarantee that users will install the solutions on their code.

    Somewhere along the line as a business we realized that security is a process, not something that can be engineered into code. Once that move took place, it was only a matter of time before we realized that open source was the best way to deliver such a process. So enjoy the open source software at a lower price and innovate ... and get better security for free.

    Disclosure: I work for AWS, but the views expressed herein are mine.

    See also

    Related Posts

    Deja una respuesta

    Tu dirección de correo electrónico no será publicada.


    We use cookies to ensure that we give the best user experience on our website. If you continue to use this site we will assume that you agree. More information