New research from Endor Labs offers a view into the rampant but often unmonitored use of existing open-source software in application development and the dangers arising from this common practice. Open source vulnerabilities As just one example, the research reveals that 95% of all vulnerabilities are found in transitive dependencies – open-source code packages that developers do not select, but are indirectly pulled into projects. This is the first report from Station 9, a research … More
The post Research reveals where 95% of open source vulnerabilities lie appeared first on Help Net Security.