Ironically, the recent SolarWinds Orion breach may help shed light on this exact shift in the Software Supply Chain paradigm. Despite the opposing views in this debate, one fact remains: 96% of applications use Open Source Code, and 80% of the code in the Software Supply Chain is from Open Source. For most in software development, this is nothing new; however, there are many companies that are still staunchly anti-Open Source, believing that Proprietary Code is more secure. By contrast, many would argue that Open Source Code is more secure due to a faster fix/patch/update cycle and the pervasive access to source code (Clarke, Dorwin, and Nash, n.d.). When the code itself is compared, without any additional tools, Proprietary Code is no more secure than Open Source. The recent SolarWinds breach highlights a new paradigm in the Software Supply Chain.