The Gram Cracker Effect – Open Source Security Assessment
There are approximately 150 key security terms defined by the SANS Institute. How many of them focus on the use of open-source code? Surprisingly, none are directly related to code risk assessment.

How Can You Consistently Assess the Risks of Open Source Code?

To start, tap into your knowledge of security assessment. Yes, this will require research. From your research, you'll be able to identify gaps in your understanding and areas where you need to focus.

Step 1: Recognize the Risks of Using Open Source Code

One of the highest risks in coding comes from using someone else's code. Why is this a big risk?

Some code is deliberately written to be malicious.
Even non-malicious code can contain vulnerabilities that create security holes.
Open-source code is often not updated regularly with the latest security patches.

Step 2: Develop a Risk...
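The third risk above, dependencies that are never brought up to a patched version, is the one that can be checked mechanically. The script below is an added example and is not part of the original article: it reads a pip-style requirements file, records which packages are pinned, and compares each pin against a table of "first fixed version" entries. The requirements text, the package names and the advisory identifiers (ADV-0001, ADV-0002) are all constructed for illustration and are not real packages or advisories; in practice the table would be fed from a vulnerability database.

```python
"""Flag pinned open-source dependencies whose version is below a known fix.

Constructed example: the requirements text and the advisory table below are
made up for illustration and are not real packages or real advisories.
"""
import re

# Constructed sample manifest (pip requirements.txt style), pinned with ==.
SAMPLE_REQUIREMENTS = """\
# web stack
examplelib==1.4.2
otherpkg==2.0.0
unpinnedpkg
thirdpkg==0.9.1  # comment after the pin
"""

# Constructed advisory table: package -> (advisory id, first fixed version).
# The ids are placeholders, not real advisory numbers.
ADVISORIES = {
    "examplelib": ("ADV-0001", "1.5.0"),
    "thirdpkg": ("ADV-0002", "0.9.1"),
}

# Matches "name" or "name==version"; other specifiers (>=, ~=) are treated as unpinned.
PIN_RE = re.compile(r"^\s*([A-Za-z0-9_.-]+)\s*(?:==\s*([0-9][0-9A-Za-z.]*))?")


def parse_version(text):
    """Turn '1.10.2' into (1, 10, 2) so comparison is numeric, not lexical."""
    parts = []
    for piece in text.split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def version_lt(a, b):
    """True when version a is older than b; pads so '1.5' equals '1.5.0'."""
    va, vb = parse_version(a), parse_version(b)
    n = max(len(va), len(vb))
    va += (0,) * (n - len(va))
    vb += (0,) * (n - len(vb))
    return va < vb


def parse_requirements(text):
    """Return {name: version-or-None} per requirement line, ignoring comments."""
    pins = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = PIN_RE.match(line)
        if not m:
            continue
        pins[m.group(1).lower()] = m.group(2)
    return pins


def assess(text, advisories=ADVISORIES):
    """Classify each dependency as 'vulnerable', 'unpinned' or 'ok'.

    Returns a list of (name, status, advisory id or None). An unpinned
    dependency is reported separately because its version cannot be
    reasoned about at all until it is pinned.
    """
    findings = []
    for name, version in parse_requirements(text).items():
        if version is None:
            findings.append((name, "unpinned", None))
            continue
        adv = advisories.get(name)
        if adv and version_lt(version, adv[1]):
            findings.append((name, "vulnerable", adv[0]))
        else:
            findings.append((name, "ok", None))
    return findings


if __name__ == "__main__":
    for name, status, ref in assess(SAMPLE_REQUIREMENTS):
        print(f"{name:15} {status:10} {ref or ''}")
```

Running it reports examplelib as vulnerable (pinned below the fixed version), unpinnedpkg as unpinned, and the other two as ok; a pin exactly at the fixed version counts as patched. The version comparison is deliberately numeric and padded, since a lexical compare would rank 1.10.2 below 1.9.0 and a tuple compare would rank 1.5 below 1.5.0.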