Thursday, December 14, 2006
Why Open Source is more secure than Closed Source...
To date the conversation around security has always been measured from the perspective of binaries while not taking into consideration how the source code was developed...
The risks from unknown security vulnerabilities and quality bugs in open source code pose a problem for the open source community and for consumers of open source software.
The Java Open Review Project identifies and reports bugs and security vulnerabilities in widely used Java open source software. The project was conceived to benefit:
Liferay Enterprise Portal, EJBCA and ServiceMix will now be proven as the most secure portal, certificate authority and enterprise service bus beating out their competition in this regard. This should hopefully speed up the adoption of secure software development practices amongst the vendor community.
I wonder if the folks over at Intalio and Alfresco will also participate...
| | View blog reactionsThe risks from unknown security vulnerabilities and quality bugs in open source code pose a problem for the open source community and for consumers of open source software.
The Java Open Review Project identifies and reports bugs and security vulnerabilities in widely used Java open source software. The project was conceived to benefit:
- The open source community. By finding problems before they become major issues, we help improve the open source projects we examine. Project owners get full analysis results from Fortify SCA and FindBugs and can easily review, comment and act on the findings.
- Open source consumers. Open source consumers can gauge the level of risk involved in different open source components.
Liferay Enterprise Portal, EJBCA and ServiceMix will now be proven as the most secure portal, certificate authority and enterprise service bus beating out their competition in this regard. This should hopefully speed up the adoption of secure software development practices amongst the vendor community.
I wonder if the folks over at Intalio and Alfresco will also participate...
