Listening to a podcast where Werner Vogels, Amazon CTO, expresses concern about being vulnerable if you use open source code in your product. He raises the potentially valid point that you have no idea what is happening to your customers' data when it's plugged into open source code.
What are the realities here?
Top comments (1)
Haha. Yeah. Though the mitigation of risk is pretty serious right now. The government here has just released quite strict security requirements for the FinTech space and it looks like it's only going to get just as tight for everyday companies and entities.
Who knows? Maybe we'll see requirements for open source to have a regular security audit from some sort of governing body...? Who knows?