Last January, North Bridge and Black Duck published their 2016 Future of Open Source Survey Results, with a lot of interesting conclusions. Perhaps the biggest one is that open source continues to gain force inside the IT business, but its management is chaotic because of a lack of process.
The most common problems reported in the survey were:
- Nearly 50% of companies have no formal policy and process for selecting and approving open source code.
- One of the major problems arising from this is security. 47% don't have a formal process in place to track the code, and only 19% of vulnerabilities are detected and fixed automatically.
- Nearly 1/3 have no process for identifying, tracking or resolving known open source vulnerabilities.
- Over 1/2 of companies have no one responsible for identifying and tracking remediation.