Publications
Publications
- September 19, 2017
- Wall Street Journal
After Equifax Breach, Companies Advised to Review Open-Source Software Code
By: Ben DiPietro and Lou Shipley
Abstract
It doesn’t make much sense: At a time when high-powered automated trading systems can execute stock sales in real time, some companies that rely on open-source software to help to run their businesses track their open-source use on spread sheets on paper.
Lou Shipley, chief executive of Black Duck Software, which sells products to manage and protect open-source software, says the most effective way for companies to understand what is in their open-source software and how to better control it is to use automated processes that scan applications for open-source code, create an inventory of open-source components and check those components against what is in open-source vulnerability databases.
Lou Shipley, chief executive of Black Duck Software, which sells products to manage and protect open-source software, says the most effective way for companies to understand what is in their open-source software and how to better control it is to use automated processes that scan applications for open-source code, create an inventory of open-source components and check those components against what is in open-source vulnerability databases.
Keywords
Software; Open-source; Security Vulnerabilities; Data Privacy; Hack; Applications and Software; Safety; Cybersecurity
Citation
DiPietro, Ben, and Lou Shipley. "After Equifax Breach, Companies Advised to Review Open-Source Software Code." Wall Street Journal (September 19, 2017).