Hey community, I’m trying to research the use of open-source components in the security space and figured this would be the best place to start.
Had a few questions that I wanted to ask:
- What is your process for approving an open-source solution?
- Does your company secure its SDLC (software development life cycle)?
- What tools do you use to keep your SDLC secure?
- In your opinion, what are the biggest pros and cons of using open-source tools in cybersecurity?

Appreciate your time.
Top comments (1)
I don't work in tech but I do think one of the advantages of open-source, if it's popular, is that there will be more people trying to solve vulnerabilities in software than there are trying to exploit it. If the project has an active maintainer and a community of contributors, the code should be kept safe. This is all subjective, don't take my word for it.