Open source developers apparently don't adhere to best practices such as using static analysis and conducting regular security audits, found Coverity's Spotlight report, released Wednesday. The Coverity Scan service, which is available at no charge to open source projects, helped devs find and fix about 50,000 quality and security defects in code last year. That number can be attributed in part to continuous improvement, which lets users find previously undetected defects.Report: Open Source Needs to Get With the Security Program
Open source developers apparently don't adhere to best practices such as using static analysis and conducting regular security audits, found Coverity's Spotlight report, released Wednesday. The Coverity Scan service, which is available at no charge to open source projects, helped devs find and fix about 50,000 quality and security defects in code last year. That number can be attributed in part to continuous improvement, which lets users find previously undetected defects.
0 comments:
Post a Comment