23 Jul 2020
It’s all around you, so you start to accept the risks. But just because open source software is everywhere doesn’t mean it’s the right choice for you and your organization. You’ve probably encountered it in your everyday life; with names like VLC Media Player, GIMP, and Audacity in the game, open source software (OSS) is an increasingly popular resource for increasingly large user bases. What makes a piece of software open source? Simply put: collaboration. When the source code for certain computer software is released under a license that grants users the rights to use, study, change, and distribute the software to anyone for any purpose, that software is classified as OSS. Nowadays, OSS software is mainstream, to the point that some major IT security providers make use of open source assessment tools in servicing their clients. Yet experts warn that the risks may be far greater than we realize. Here at BAI Security, we believe in assessing your organization’s IT security with only best-in-breed, globally recognized tools deployed by our highly specialized and entirely in-house expert team of auditors. But what happens when other providers use open source assessment tools, thereby introducing dozens of potentially risky variables that may compromise your assessment results or even your whole environment?