One in 10 Open Source Components Downloaded by UK Firms Contain a Known Vulnerability

Many companies are still using the flawed Struts component, which was responsible for the Equifax breach.

There is a slight decrease in vulnerable downloads as businesses improve software supply chain management.

Better supplier choices, component selection and use of automation can bring impressive rewards.

Vulnerable open source software components are posing a security threat to UK firms, according to Sonatype’s 2019 State of the Software Supply Chain report.

Read full article on Open Source For U