Key Findings from The OSSRA 2020 Report
By: Krishna Anindyo | Tuesday, May 26 2020 - 12:15 IWST
OSSRA (Photo by Synopsys)
INDUSTRY.co.id - Our 2020 OSSRA infographic shows key findings and open source trends from the Synopsys Open Source Security and Risk Analysis report.
Do you know what’s in your code? Open source can be a great foundation for modern software development. But if you don’t manage it properly, you open yourself up to security, license compliance, and code quality risks.
The 2020 Open Source Security and Risk Analysis report examines audit data from 1,250+ commercial codebases and reveals trends in how organisations are using and managing open source - and where there’s room to improve. Our new infographic shows the most important open source trends from the 2020 OSSRA report.
2020 Open Source Trends at a Glance: the numbers were taken from anonymised data on 1,253 commercial codebases from 17 industries - from aerospace to virtual reality - examined in 2019 by the Black Duck Audit Services team.
Codebases & open source:
99% of codebases audited in 2019 contained open source components. In 9 of 17 industries, 100% of the codebases contained open source. Open source made up 70% of the audited codebases.
Vulnerabilities:
75% of codebases contained vulnerabilities.
49% of codebases contained high-risk vulnerabilities.
Licensing:
33% of codebases contained unlicensed software.
67% of codebases had license conflicts.
Operational factors:
82% of codebases had components more than four years out of date.
88% of components had no development activity in the last two years.