Friday, April 13, 2007


ECM / BPM Vendors and Security Vulnerabilities

I have been passionate lately about understanding more about secure coding practices and have been familiarizing myself with the plethora of tools in the marketplace. Most recently I have scanned several open source product offerings in the BPM and ECM space and was shocked to find out how many vulnerabilities exist.

The wonderful thing about open source is that this type of analysis becomes transparent to the user of the software and can't be buried by the vendor. Some of the products I have looked at include Alfresco, Intalio, SugarCRM and Hyperic, and I can tell that, while functionality is comparable to their closed source equivalents, security in terms of code practices would be a great area for these entities to focus on.

