In this video for Help Net Security, Donald Fischer, CEO at Tidelift, talks about the state of open-source software supply chain security in 2022.
Open source is the modern application development platform and is becoming an indispensable part of the software development process for organizations of all sizes. At this point, 92% of applications contain open-source components.
Developers love open source because it:
- Makes them more productive
- Speeds up development and deployment time
- Reduces development costs
Despite the many benefits of open source, there are also risks and challenges. We often see organizations investing a lot of time and resources into their digital infrastructure and their own applications, but it all rests on a few open-source components built by individuals who are independently maintaining that software. If we don’t align our incentives with those open-source maintainers, there’s the risk of this infrastructure crumbling down.