Security Stack Vulnerabilities: Blame it on Insecure Open Source Code

According to recent research, open source vulnerabilities rose by almost 50% in 2019 over the previous year.

by Doug Britton, CTO, RunSafe Security

The debate surrounding open source code is sure to continue for years to come, and we’ve previously detailed the high-level pros and cons of using it. One thing is certain, though: open source is nearly unavoidable today, and it’s becoming an integral part of any software development effort. With this in mind, another critical element to consider is the variety of security stacks that exist and are based on open source code. The most common of these stacks is often referred to as “LAMP,” but there are countless others, as well as tools that don’t fall into a specific stack. Although each offers its own handful of benefits, each also has its own vulnerabilities, given that they’re all built on insecure code.