Open Source Security Survey 2014: Community Embraces Security
The 2014 Open Source and Application Security survey, conducted for the fourth time with a new approach to results presentation, has revealed interesting insights into the preferences of sponsors regarding community practices. The survey, independently analyzed by Adrian Lane, CTO and Security Analyst at Securosis, hints at the growing acceptance of open source software's security.
A significant portion of respondents believed open source software is more secure than commercial off-the-shelf (COTS) software. This perception is likely influenced by the community's shared data points and open source development trends highlighted in the survey. Several questions focused on vulnerability tracking and security responsibilities within open source development, further emphasizing the community's commitment to security.
Sonatype, the company behind the survey, invited feedback on Adrian Lane's interpretation through the Securosis blog. Lane's analysis was published in a 3-part blog series and a more detailed research brief, providing developers with valuable insights to select open source distributions and leverage community data points.
The 2014 Open Source and Application Security survey has provided a comprehensive look into the security perceptions and practices within the open source community. The results, independently analyzed by Adrian Lane, can help developers make informed decisions about open source distributions and application security. The community's focus on vulnerability tracking and shared data points further strengthens the case for open source software's security.
