Synopsys Study Shows Open Source Security Top-of-Mind but Patching Too Slow

Global survey of 1,500 IT professionals finds that 40% of respondents worldwide had delivery schedules disrupted to address open source vulnerabilities


News provided by

Synopsys, Inc.

Dec 08, 2020, 09:05 ET


MOUNTAIN VIEW, Calif., Dec. 8, 2020 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS) today released the report, DevSecOps Practices and Open Source Management in 2020. Produced by the Synopsys Cybersecurity Research Center (CyRC), the report highlights the findings from a survey of 1,500 IT professionals working in cyber security, software development, software engineering, and web development. The report explores the strategies that organizations around the world are using to address open source vulnerability management as well as the growing problem of outdated or abandoned open source components in commercial code.

Open source plays a critical role in today's software ecosystem. The overwhelming majority of modern codebases contain open source components, with open source often comprising 70% or more of the overall code. Yet paralleling the growth of open source use is the mounting security risk posed by unmanaged open source. In fact, according to the 2020 OSSRA report, 75% of the codebases audited by Synopsys contain open source components with known security vulnerabilities. To combat this situation, respondents to the survey cite identification of known security vulnerabilities as the number one criterion when vetting new open source components.

"It's clear that unpatched vulnerabilities are a major source of developer pain, and ultimately business risk," said Tim Mackey, principal security strategist of the Synopsys Cybersecurity Research Center. "The 'DevSecOps Practices and Open Source Management in 2020' report highlights how organizations are struggling to effectively track and manage their open source risk."

"Over half—51%—say it takes two to three weeks for them to apply an open source patch," Mackey continued. "This is likely tied to the fact that only 38% are using an automated software composition analysis (SCA) tool to identify which open source components are in use and when updates are released. The remaining organizations are probably employing manual processes to manage open source—processes that can slow down development and operations teams, forcing them to play catch-up on security in a climate where, on average, dozens of new security disclosures are published daily."

Other noteworthy findings in the "DevSecOps Practices and Open Source Management in 2020" report include:

  • DevSecOps is rapidly growing worldwide. A combined 63% of respondents reported that they are incorporating some measure of DevSecOps activities into their software development pipelines.
  • There is no universally adopted application security testing (AST) tool. As the responses to the survey questions indicate, there is no shortage of application security testing tools and techniques. However, even the AST tool with the highest adoption rate is still only utilized by less than half of respondents.
  • The media plays an important role in open source risk management. Forty-six percent of respondents noted that media coverage had prompted their organization to apply more stringent controls on open source usage.
  • Forty-seven percent of respondents are defining standards around the age of open source components they use. A growing issue in the open source community is project sustainability. A 2020 Synopsys study showed that 91% of codebases audited in 2019 contained open source components that either were more than four years out of date or had no development activity in the past two years. Security risks increase when obsolete code is deployed, including the threat of an open source component being hijacked. Such a situation occurred in 2018 when the event-stream component was hijacked to target Bitcoin in Copay accounts.

To learn more, download a copy of the DevSecOps Practices and Open Source Management in 2020 report.

About the Synopsys Software Integrity Group

Synopsys Software Integrity Group helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations optimize security and quality in DevSecOps and throughout the software development life cycle. Learn more at www.synopsys.com/software.

About Synopsys

Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world's 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software security and quality solutions. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest security and quality, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.

Editorial Contact:
Mark Van Elderen
Synopsys, Inc.
650-793-7450
[email protected]

SOURCE Synopsys, Inc.

Related Links

http://www.synopsys.com
